Saturday, August 17, 2013
China ‘top source’ of malicious software in Kenyan computers
China is the top source for malicious software found in Kenyan computers, a situation reflecting the global trends in cyber insecurity.
Data published in a report by the Telecommunication Service Providers of Kenya (TESPOK) indicates that more than 50 per cent of cyber attacks and malware recorded on Kenyan computers originate from China.
The United States and Korea follow closely as countries that harbour computer security threats to Kenya. Brazil, South Africa and India have also been noted for distributing the malicious software found in Kenyan computers.
The data is in line with global statistics in which the United States and China are leading as sources and targets for malware.
Further, there is a fresh arms race for cyber intelligence with the United States and China at the forefront carrying out attacks against each other.
“This is reflected in the data we collected from our censors,” reads the Cyber Threats Report.
The data was collected in the three months to June 2013 by TESPOK’s Industry Computer Security and Incident Response Team (ICSIRT), by deploying censors in Kenyan organisations.
During the period, the team catalogued the top cyber threats facing Kenyan businesses.
Services that allow users to make phone calls over the Internet, also known as Voice over Internet Protocol (VoIP) services, were identified as vulnerable.
“By gaining control over the VoIP server and phones, attackers are able to carry out VoIP phishing scams, eavesdropping, toll fraud or denial-of-service attacks,” said the report.
Further, the data collected identifies the top malware found in devices used by Kenyan Internet users.
The Slammer Worm, which was first released onto the Internet ten years ago, is the top concern in Kenya today.
Once a system is infected with the Slammer Worm, it provides a hacker with remote access. The hacker can then force servers or web browsers to disclose confidential information.
Mariposa, a Trojan horse (malicious software that pretends to provide legitimate services), was the second most common malware in Kenyan computers. The software gives hackers remote control of computers.
The report notes that most malware can be tackled by installing genuine software and antivirus on computers and updating them frequently.
Over the last decade, Internet penetration in Kenya has risen quickly with data from the Communications Commission of Kenya indicating that there was a 49.2 per cent increase in data subscriptions in the year to March. Today, more than 16 million Kenyans have Internet access.
Unfortunately, this quick rise in Internet usage has not been marched by public awareness on computer security, leaving Kenyans vulnerable to hackers and cyber criminals.
Data for 2012 from computer security firm Kaspersky indicated that 49 out of every 100 computers in Kenya were infected with malicious software.
The situation has been exacerbated by the use of pirated software which leaves computers more vulnerable as they cannot access security updates from manufacturers.
The problem, however, extends beyond individuals using the Internet. Among enterprises, companies are losing billions of shillings annually as savvy criminals steal crucial data from unsecure systems.
The government has also not escaped unscathed with its websites often falling victim to hackers.