In 2017, Kenya’s digital economy lost Sh21.1 billion to cybercrime. FILE PHOTO | NMG
As this year comes to an end, more companies and government
agencies are thinking of proactive
mechanisms of mitigating cybercrime, a menace that has caused enormous economic harm to Kenya.
mechanisms of mitigating cybercrime, a menace that has caused enormous economic harm to Kenya.
As
they prepare for 2020, most firms are aware that the biggest
cyberattacks are orchestrated during the last three months of the year,
when people’s minds are are occupied by holiday trips and making merry,
according to research.
Traditional cybersecurity
measures are increasingly being rendered ineffective in an era where
cyber attackers have devised new and more dangerous online weaponry to
pilfer critical data and money. This has pushed cybersecuiry experts to
strive to design systems that stay ahead of the criminal elements.
The
year has witnessed advances in Artificial Intelligence (AI) and Machine
Learning (ML) by global experts who deploy real-time data and analytics
to build stronger firewalls in an evidence-based ecosystem.
During
the CIO 100 Symposium event held at Lake Naivasha Resort recently,
cyber threat intelligence was identified as the best approach for
organisations to gain evidence-based knowledge about threats and build
effective defenses to mitigate the risks that could damage their
reputation or bring them to their knees.
“Intelligence in cyber security involves staying a step ahead of
cyber attackers, scouting for malicious leads and analysing them to
better secure your data,” said Mr Niall MacLeod, Director of Solutions
Architecture in Europe, Middle East and Africa at global threat
intelligence leader Anomali.
Just like police
intelligence, cyber threat intelligence monitors potential sources of
security breach, evaluate, analyse them and advise IT security
departments on best actions. This process requires more data science
skills as ML is the key driver for accurate analysis that reduces false
positives.
“We normalise disparate sources and enrich
them with additional threat context. This helps us give threat analysts
decision advantage and improve situational awareness,” he said.
He
added that the company is working with commercial banks in East Africa
and key government agencies — the major targets for cybercrime — to help
thwart attacks before they happen.
The nature of
attacks is changing, and most Kenyan corporates seem to be behind these
dynamics, as SMEs and Saccos keep committing small budgets for
cybersecurity, and end up losing more.
Organisations
need pre-emptive measures to ensure a 99.99 percent of uptime, and
recover fast enough once an attack lands on their networks.
Many
organisations have ditched traditional data storage methods and moved
to the cloud. However, while backing up their data offline, other
virtual machines gain access to their confidential information.
These
attacks come as snares in the form of file hashes, Internet Protocol
links, zip files, execution files, applications. Spear phishing,
botnets, malware, ransomware, Dedicated Denial of Service (DDoS) and
Advanced Persistent Threat (APT) make the cyber security space complex
for many corporates.
However, with threat intelligence,
these attacks are gathered, automated, investigated and shared among
experts to maintain full control of private and classified information.
By
with the use of honeypot technology, companies can benefit from
real-time monitoring and forensic analysis of security threats happening
around them. It is a network-attached decoy system and aims to lure
cyber attackers and to detect, deflect or study their hacking attempts.
Mr
MacLeod demonstrated how a new software — Anomali Lens— allows anyone,
from security operations staff to board members, to automatically and
immediately know if their organisations are being attacked, who the
adversaries are, and if the attacks have been successful.
“With
these key security questions answered, users can make effective
decisions about how to respond. With one click, Anomali Lens scans
web-based content, detects and highlights all threats identified within,
provides easy-to-understand details about the threats and tells users
if any threats are already present in their networks,” he said. “It
scans web content that includes news, blogs, research, bulletins, SIEM
logs, other security logs, IR reports, Twitter and other social
networks. Automated threat bulletins created by Anomali Lens are added
to Anomali ThreatStream.”
These can then be shared
across organisations and trusted circles. Bulletins can also be directly
integrated into security controls for immediate blocking, detection and
mitigation.
Anomali Lens is supported by advanced
natural language processing (NLP) and context-aware detection and is
currently deployed as a browser plugin.
Kenya,
cybersecurity experts say, is usually used as a testing ground by cyber
criminals who want to assess the cyber resilience strength of Africa,
before launching devastating attacks in other countries. “Cyber
attackers are usually motivated by money and critical information that
powers espionage of secret government plans, especially now when
geopolitical wars between the East and West are rife,” said, Mr MacLeod.
In
2017, Kenya’s digital economy lost Sh21.1 billion to cybercrime, which
increased by 39.8 percent in 2018 to Sh29.5 billion according to
pan-African based cyber-security and business consultancy Serianu.
Millions of shillings have been invested in cyber security
infrastructure.
No comments :
Post a Comment