The Computer Society of Kenya

Since 1986

Weaponised AI, ransomware-as-a-service, long-game identity theft and other 2023 trends

ai-1BUSINESS DAILY By PAUL FABARA

Over the last decade, a steady stream of innovation has made digital payments easier and more convenient for everyone.

But emerging technologies like generative AI and a pandemic-accelerated digital explosion have also given rise to new forms of fraud — fraud that all together cost online businesses $41 billion globally in 2022 and is expected to jump 17 percent in 2023.

Here are five trends impacting payment security this year — and where security innovation is needed most.

1. The proliferation of fraud tools makes anyone a potential hacker.

As more and more people shop and pay for things online, the number of fraud targets grows. At the same time, inflation, cost of living, and economic uncertainty are giving more people an incentive to turn to fraudulent activity.

Read more...

Lawsuit filed to stop government’s single paybill directive

eliudBUSINESS DAILY By SAM KIPLAGAT

The High Court has certified as urgent a petition seeking to stop the government from migrating all digital payment systems to one platform after two petitioners challenged the directive arguing that it is unconstitutional.

Justice Hedwig Ong’udi certified the case as urgent and directed Fredrick Ogola and lawyer Benard Odero Okello to serve the court papers to CS Treasury Njuguna Ndung’u, his ICT counterpart Eliud Owalo and Attorney General Justin Muturi.

The duo argue that the State acted unilaterally and arbitrarily by directing the closure of all government digital payment systems, to allow on-boarding all government services, at the national and county levels, into one digital payment platform eCitizen.go.ke. The directive takes effect on September 30.

The two have challenged the directive, saying there was no public participation before the formulation of the single digital payment platform.

Read more...

Set data safety rules for cryptocurrency

worldcoinBUSINESS DAILY By BUSINESS DAILY

After several days of biometric data collection from Kenyans by the promoters of the cryptocurrency project WorldCoin, the government belatedly moved to clamp down on the exercise on Wednesday, citing risks that had been highlighted repeatedly by cyber security experts.

This uncoordinated approach to a potential public risk—there is still no clarity over the security of the collected data—has exposed the government’s lack of a comprehensive policy when it comes to handling cryptocurrency.

Aside from the official cautions from the Capital Markets Authority (CMA) and the Central Bank of Kenya (CBK) about the dangers of such investments, issuers are still allowed to sell coins to the public, with some being outright scams.

Now, the risk has evolved, to include data that is collected in the course of issuing such coins and other exercises such as WorldCoin’s registration.

The government agencies involved in the data chain should now craft a comprehensive plan on how to handle the question of data safety, and also conduct public awareness campaigns on the need to protect one’s sensitive personal data in the cyber world.

Read more...

Why businesses, State agencies need to beef up war chest against hackers

cybersecurityBUSINESS DAILY By KABUI MWANGI

Kenya was recently viciously shaken by a series of cyberattack incidents that nearly threatened to ground the economy to a halt, triggering engagements between sector experts and executives on the need to review existing defence mechanisms.

The attack on Kenya, allegedly by a group of hackers only identified as ‘Anonymous Sudan’, hit the core of the financial systems with M-Pesa, a mobile service fast turning into an artery for the circulation of money in Kenya’s economy, being affected.

The other major disruption happened on the government services portal, e-Citizen.

Since the attacks happened, subsequent debates among industry experts and business managers have revolved around looking at the loose ends that need to be tightened.

Read more...

Stay alert to cyber-attack threats after Thursday

cybersecurityBUSINESS DAILY

On Thursday, Kenya once again suffered a major cyber-attack that hit thousands of government services.

At a time the government was shifting most of its services online through the eCitizen portal, the attack almost brought the economy to a standstill.

Banks’ mobile apps were not working and mobile money transactions were disrupted, leaving individuals and organisations with penalties due to missed due dates for various credit terms, including loans.

That the Thursday attempt is coming only weeks after revelations that Chinese hackers had also targeted the debt data should be a wake-up call since they almost succeeded in disabling the entire financial sector.

All relevant actors must always remain alert and ensure the country is secure. All the concerned agencies must realise that the world operates round the clock and any small hitch leaves huge losses that we cannot afford to ignore.

Read more...

Share this page