Cyber security in the spotlight as hackers infiltrate defence account

Hacker’s attack on Kenya’s defence social media account among others has turned the spotlight on the country’s readiness in dealing with cyber security even as the government adopts digital platforms in service provision.

On Sunday, the Twitter account for the Kenya Defence Forces was breached along with that of the military spokesperson Emmanuel Chirchir. KDF took back control of the handles on Monday morning only to have them infiltrated again hours later.

A hacker, self-identified by the twitter handle @Anon_0x03,  also entered into the National Environment Trust Fund’s website and claimed to have accessed a number of other government sites including that of the Integrated Financial Management System (IFMIS) and the Ministry of Immigration and Registration of Persons.

These were relatively low-level attacks in comparison to the onslaught that awaits the government should it fail to match cyber-security measures with its efforts to digitise operations.

“The more we adopt IT and the more data we put online, the more we will see cyber-attacks targeted at the government in Kenya. The problem is, we are not secure,” Mr William Makatiani managing director of IT security firm Serianu said.

@Anon_0x03 declared allegiance to Anonymous, a movement of  Internet hacktivists and activists. A hacker defaced the NETFUND site and used the KDF accounts to tweet messages critical of the government and its policies.

More worrying, however, was a claim by the hacker that he had accessed Major Chirchir’s email. An alleged screen-grab of the major’s inbox was posted online.

KDF, in an interview with the Daily Nation on Tuesday, dismissed this saying that no confidential information had been obtained. “As far as I am concerned, it is only twitter that was accessed…. MOD (ministry of defence) website is secure and there is no MOD information which has been compromised,” Colonel Willy Wesonga, a KDF spokesperson, said in a telephone interview.

One of the vulnerabilities in the government’s online and digital presence is the level of decentralisation. Each ministry, department and agency has virtual autonomy over its website, the software it chooses to use as well its social media accounts and that of its staff.