David Mugo, Senior Solution Engineer, Commvault.

Businesses in Kenya are growing increasingly concerned about being targeted by cyber threats, especially ransomware attacks, which are growing in both frequency and sophistication and can have devastating effects on organisations. According to a report released by Liquid C2, businesses in Kenya reported an 82% increase in cyberattacks in 2022, while also highlighting that 90% of the country’s large enterprises suffered a successful cyber breach last year.

In a high-profile incident in July, an attack was launched against government’s eCitizen portal, which is used by the public to access key online government services, disrupting services for several days. A ransomware attack was also carried out against the Kenya Airports Authority in March, with cybercriminals reportedly demanding KSh67.6 million (466 206,89 USD) to return 514 GB of data.

Ransomware is malware that denies a user or organisation access to files in their environment. Cybercriminals will typically encrypt data and demand a ransom payment in exchange for a decryption key, placing the organisation in a position where paying the ransom is the easiest and cheapest way to regain access to its data.

Costly and damaging

Ransomware attacks can be very costly and damaging for businesses, with no guarantee that paying the ransom will result in the decryption of the targeted organisation’s breached data. In some cases – depending on the size of the enterprise – hackers will demand more money once they have been paid the initial ransom amount.

These type of cyberattacks are particularly concerning for businesses in Kenya, as well as the entire East African region, where the majority of companies are Small and Medium Enterprises (SMEs). In Kenya, SMEs account for 90% of businesses, according to Oxfam.

Alarming, ransomware attacks can bankrupt a small business, even if the data is recovered, as the downtime due to the attack can result in profit loss and resultant reputational damage can see customers taking their business elsewhere. Additionally, businesses are also likely to incur costs related to regulator fines, as well as having to pay for technical support or an expensive ransom fee. Even if an organisation’s data was backed up, it still costs time and money to get the business back online.

Layered approach

To protect themselves against ransomware attacks, organisations are advised to adopt a layered approach to security, which includes training employees to be aware of threats, getting the right cybersecurity solutions, using strong passwords and carrying out continuous testing. It is also very important to ensure that security software is always up to date and the latest patches are installed. Attackers often look for outdated and unpatched software to exploit these vulnerabilities.

It is also extremely important that organisations backup their data as often as possible. In the event that they are hit by a ransomware attack and their data is encrypted, having a backup that is a few hours old means they do not need to pay the ransom and can almost immediately get back to business as usual. Additionally, there are also robust ransomware protection solutions available.

However, one of the most effective ways to defend against ransomware attacks is to engage the services of a suitable data management solutions provider that can provide ubiquitous data recovery across hybrid workloads, regardless of where the data resides. This enables a company to recover and get back to business as quickly as possible after an attack.

The right data management solution will also provide an early detection system for anything that changes across the environment, with real-time visibility into cyber threats and risks across the customer’s data landscape. A robust solution will enable an organisation to increase its attack surface by adding simulated devices that lure attackers and set off alerts once a compromise attempt is detected.

While ransomware attacks are a growing concern in Kenya and the rest of the region, there are robust solutions that customers can count on to protect them against these type of threats. With the right vendor, SMEs no longer need to fear that a ransomware incident will spell disaster.