By Mthulisi Sibanda
Johannesburg — KENYA is increasingly becoming a victim of its renowned status as the continent's leading digital economy.
The East African country, the biggest regional economy, has emerged a favourite hunting ground for cyber-criminals with nearly 20 million internet-borne cyber-threats detected on computers in 2018, according to Kaspersky Lab Africa.
This translates to 33,5 percent of users being attacked. The number of internet related threats in Kenya grew 3,5 times in 2018 in comparison to 2017.
South Africa, the continent's most advanced economy, is second on the victims list with over 18 million of web-related threats and 29,3 percent of attacked users.
Nigeria, the biggest African economy, is sitting at 6,5 million attacks and 31,9 percent users attacked and Namibia with nearly 1,4 million attacks and 25,2 percent of users attacked.
"Kenya is a growing digital economy," explained Riaan Badenhorst, Managing Director of Kaspersky Lab Africa.
In an interview, the executive said as internet usage grew, businesses in Kenya were relying on technology, connecting to more devices, as well as incorporating Bring Your Own Device (BYOD) and the Internet of Things (IoT) for work and social purposes.
"This opens up any business and person to the world of security threats. And where there is opportunity, there are cybercriminals," Badenhorst told CAJ News Africa.
In Kenya, the financial sector is the most vulnerable to attacks. Banks, payment systems and e-commerce are the hardest hit. In the third quarter of 2018, banks accounted for 18 percent of the attacks. Payment systems accounted for 10 percent of the attacks.
M-Pesa, launched in Kenya in 2007, is among the world's most prominent mobile phone-based money transfer, financing and micro-financing services.
Badenhorst noted the rise of social engineering in Kenya.
This is a technique designed to lure unsuspecting users into sending them their confidential data, infecting their computers with malware.
"No one is safe or exempted from being a target of social engineering attacks, whether it is a small or big organisation across various industries. What's important is to know are the type of attacks are out there and how they can be prevented," Badenhorst said.
Other types of social engineering attacks include phishing and peer-to-peer (P2P) network attacks.
"Cyber-attacks are getting more sophisticated and tailored all over the world," the executive said.
According to Kaspersky, users in the Middle East, Turkey and Africa (META) region seem to be heavily impacted by phishing and ransomware attacks.