Why Kenyans need to be vigilant in 2015
Why Kenyans need to be vigilant in 2015
Global security services provider Kaspersky Lab has presented an overview of general threats in 2015, as well as that which is expected to dominate Kenya's threat landscape. The Company explains why there can be no respite for being vigilant.
Bethwel Opil, Channel Sales Manager for East Africa at Kaspersky Lab comments on the threat landscape in Kenya: "One of the biggest areas of concern remains online and mobile banking. A decade ago, these platforms were used by a limited number of early adopters, but have since evolved to into a mainstream service in Kenya. Despite its ease of use and convenience, financial institutions still need to ensure that the proper security protocols are in place to avoid any vulnerabilities across applications."
With the rise of smarter banking solutions, mobile money wallets have also grown in prominence not only in Kenya but also in the rest of Africa with many countries introducing similar solutions.
"These mobile money offerings are a great way to manage micro-transactions and reach the unbanked population. While the benefits are numerous, mobile money has also attracted malicious users. In Kenya, we are already seeing criminals targeting the m-pesa platform. Users need to remain cautious and apply common sense when it comes to potentially fraudulent transactions," adds Opil.
However, cyber criminals are growing in confidence. They have been attacking users of banking services, seeing them as the weak link in the security chain – and given this, next year Kaspersky Lab experts anticipate high-stakes targeted cyber-attacks pinpointing the banks themselves. And the fraudsters won't stop here; Kaspersky Lab expects they will go for broke and try to develop new malware that can take cash directly from ATMs.
In addition to financial cybercrime, 2015 is also likely to bring even more privacy concerns, security worries about Apple devices and renewed fears about connected devices to prevent hackers using tools like network printers to penetrate corporate networks.
This year's insights: what to expect
• Attacks against virtual payment systems, which could be extended to the new Apple Pay
• Attacks against ATMs
• Malware incidents where banks are breached using methods coming directly from the targeted cyber-attack playbook
• More Internet-bleeding stories: dangerous vulnerabilities appearing in old code, exposing the Internet infrastructure to menacing attacks.
• In-the-wild attacks against networked printers and other connected devices that can help an advanced attacker to maintain persistence and lateral movement within a corporate network.
• Malicious software designed for OSX being pushed via torrents and pirated software packages
• A shift where the bigger, noisy cyber-threat actors splinter into smaller units, operating independently of each other. This in turn will result in a more widespread attack base with more diverse attacks coming from more sources.
Beyond this, cyber espionage is also anticipated to increase significantly in the coming months.
"Cybercriminals will be sponsored by states or individual organisations using highly sophisticated and carefully constructed methods to gain access to a network and steal information quietly. In addition, cyber espionage is another emerging threat to be aware of especially with the ongoing political and economic policy changes taking place in Kenya," continues Opil.
These are just some of the threats businesses and consumers need to be aware of in 2015. For companies, the high prevalence of internal threats will remain the biggest security threat in the months, and possibly, years to come.
"Authorised users will continue to probe systems for unauthorised access, co-opted other user's access privileges, and attack systems for a variety of reasons including revenge, blackmail, competitive advantage, and disgruntlement. People's increase mobility will intensify this threat as attacks could come from a much more diverse geographical location," he concludes.