Tough squad to fight cybercrime in both public and private sectors

The government plans to create an independent authority to oversee efforts to fight cybercrime both in the public and the private sector.

The proposal is included in the draft Cyber Security Strategy authored by the Ministry of Information and Communication through the ICT Authority, which was released Monday for review by members of the public.

It is envisioned that the body will be given the mandate to investigate abuse of Information, Communication and Technology (ICT) networks and infrastructure. It will also guide the government on policymaking in cyber security.

“The entity will be responsible for development of specific regulations, oversight of cyber-security implementation and compliance across the public and private sectors,” reads the strategy.

Oversight on the management of government and private sector assets that are identified as critical infrastructure will also fall under this authority in order to protect the public interest.

RISING INCIDENCES

In the report, the ministry notes that the rise in technology usage in Kenya has been matched by growth in incidences and sophistication of cybercrime.

According to recent statistics from the government, Kenya records losses of at least Sh2 billion ($23.3 million) annually due to various forms of cybercrime.

While the advent of the Internet in the late 1980s, was marked by “password guessing” and “self-replicating code” as the main forms of cybercrime, Kenya is currently facing more advanced attacks, some of which may be categorised as cyber-based terrorism and organised crime.

A 2013 report by the Telecommunication Service Providers of Kenya (TESPOK) indicated that more than 50 per cent of cyber-attacks and malware recorded on Kenyan computers originated from China.

The country’s capability to tackle these crimes is not quite as developed.

“…Overall, GoK’s (Government of Kenya’s) cyber security posture is still relatively immature in the face of the growing complexity and sophistication of cyber threats,” reads the strategy.

SPECIAL UNIT

Recently, the government has stepped up efforts to tackle cybercrime. The Communications Commission of Kenya (CCK) has set up a Computer Incident Response Team (KE-CIRT), whose mandate is to coordinate response and management of cyber incidences nationally.

Further, the Director of Public Prosecutions, Mr Keriako Tobiko, says his office has established a unit dedicated to tackling cybercrime.

The strategy proposed by the ICT Authority calls for the development of an over-arching penal code and associated legislation to deal with cybercrime.

This sort of criminal activity is partly defined as illegal access, acquisition of data and interception. Illegal online gambling, cyber warfare, fraud, online pornography also fall within the umbrella of cybercrime.

The ICT Authority wants the government to make budgetary allocations to fund the activities of the proposed body in future.

Public Private Partnerships are also pitched as possible funding models to drive the cyber-security agenda. Public education to inform Kenyans of the threats associated with the use of the Internet and computers will also be carried out. 

Disjointed projects by various government ministries, departments and agencies have sometimes crippled some of the ministry’s efforts in the past. The strategy calls for information sharing as well as an over-arching policy defining the responsibilities of each government entity.