Central Bank puts firms on high alert over cyber attacks

The Central Bank of Kenya (CBK) has received credible information that the bank and other government facilities could be the target of an imminent cyber-attack.

CBK is warning its employees to be ready and vigilant to stop such an event that has seen three central banks infiltrated by hackers this year.

“In light of this risk, we advise all staff to be cautious when opening e-mails and accessing the Internet. Do not open e-mails from unknown sources,” reads a notice at the CBK offices.

A cyber-attack saw Sh8.1 billion ($81 million) stolen from Bangladesh’s central bank and BBC News reported that an unnamed commercial bank also came under attack targeting its money.

Swift, which oversees the financial messaging network that underpins global money transfers, said the second attack showed that the Bangladesh theft was not an isolated incident but “part of a wider and highly adaptive campaign targeting banks.”

Hacktivists have also gone after the websites of the Central Bank of Cyprus, which briefly came under attack, days after a hacking collective said it conducted a similar attack on the Greek central bank’s site.

The Kenyan Central Bank is not new to breaches of its Internet security. In July 2013, CBK’s website was taken over by the Gaza Hacker Team.

Hackers targeted the exchange rates section of the site and defaced it with the messages in both English and French which read “…But all your interests and your citizens in all parts of the world will be our legitimate targets! So, if you want the safety of yourselves, possessions and interests from our revenge, Depart all soldiers from our land ‘Mali’”.

CBK Governor Patrick Njoroge on Tuesday refused to comment on whether the Kenyan central bank had noticed an overt threat but stated that all central bankers were on the lookout.

SUSTAINED ATTACKS

“All I can say is it has been very very embarrassing for those jurisdictions where this has happened, my peers around the world meet each other, we discuss some of these things, all of us are cognisant about the impact of this,” he said at a press briefing at his office on Tuesday.

The most prominent attacks in Kenya have, however, been propagated by activists who have not gone after financial institutions and individuals money.

The Kenyan Government has especially been a target of sustained attacks by hacktivists — hackers who use computers and their networks to promote a political agenda by hijacking websites and leaking documents about nations.

Hackers associated with the global movement Anonymous have in the past stated that the ongoing cyber-attacks on web and social sites operated by the government, the military and top leaders is part of an effort to expose corruption in Kenya.

Last month, the Kenyan Foreign Affairs ministry came under attack by the activists who said they had initiated ‘Operation Africa’ to stand against corruption, child abuse, and child labour.

Hackers claimed that they had mined one terabyte of data from the Foreign Affairs ministry and will be dumping it on the deep web.

The ICT Cabinet Secretary Joe Mucheru, however, said the attack was phishing, as opposed to a hacking on the Foreign Affairs ministry’s computer systems, and that no classified material had been accessed.