Brazen Cyber Attack Paralyses Most Government Services
4 min read
Thursday 27/07/2023
Most internet-based and mobile payment platforms came to a standstill Yesterday following a major exposure to a growing threat of payment service disruptions to the economy.
For over 48 hours, over 5,000 public services in Kenya were disabled. The attack hit a critical section of the country’s financial system with M-Pesa, a mobile service product that is fast turning into an artery for the circulation of money in Kenya’s economy, also disrupted.
The M-Pesa App, which handled transactions valued at Sh1.3 trillion in the year up to March, had all its activities particularly affected in what is turning into a major test of the country’s preparedness against cyber-attacks as the government moves most of its services online.
However, the major impact was felt when the e-Citizen, a government e-services portal, was affected. This attack led to a widespread shutdown of most public services days. The cyber attack comes a few days after the government shifted all its services to the portal.
Eliud Owalo, the ICT Cabinet Secretary, described the attack as a distributed denial-of-service (DDoS) attack, which disrupted the servers by jamming the platform with meaningless internet traffic to successfully bar legitimate users from access.
A group identifying itself as Anonymous Sudan claimed responsibility for the attack.A
According to the CS, there was no data accessed or lost following the cyber-attack on the eCitizen platform. By the time the CS was reporting, a few payment platforms were already getting back online. However, the eCitizen, which provides critical government services like the issuance of driver’s licenses, passports, and visas, is still down.
“Further to our earlier communication, accessibility to some of our services including Driver Testing and Licensing and Public Service Vehicle licensing is affected by an intermittent connection on the eCitizen network,” said the National Transport and Safety Authority (NTSA) in a statement.
Some households also had problems paying their electricity bills through their M-Pesa App.
“We are experiencing a system hitch due to a network breakdown from our service provider. Consequently, some of our services such as the purchase of prepaid tokens through M-Pesa and USSD [Unstructured Supplementary Service Data] code *977# are unavailable,” said Kenya Power in an update.
Other companies that came out to announce disruption of services included the Kenya Railways, with passengers having difficulty paying for services on the standard gauge railway.
The disruption cut across the whole economy- from payment of bus fares by those going home after work to visa processing for those who want to leave the country.
Safaricom had not issued an official statement on the attack by the time of going to press, but the Communications Authority of Kenya director-general Ezra Chiloba told the Business Daily that the agency had issued an advisory to relevant agencies on how to deal with the threat.
Mr Chiloba said the eCitizen platform first experienced service disruption characterised by service unavailability on Sunday, July 23, 2023.
“The National KE-CIRT/CC has been monitoring Kenya’s cyberspace and issuing daily cyber threat advisories to critical information infrastructure organizations, which include energy companies, banks, and telecommunications companies, among others.”
He said that based on the reported incident, the National KE-CIRT/CC undertook and continues to undertake technical cyber threat analysis on the eCitizen platform and related services.
“We have issued relevant advisories for action. National KE-CIRT/CC continues to monitor the situation on a 24/7 basis.”
The National Computer and Cybercrimes Coordination Committee (NC4) director, Evans Ombati, confirmed that the organisation, which is mandated to monitor the national cyber threat landscape, has in recent days noticed abnormal global internet traffic targeted at Critical Information Infrastructures (CIIs) in Kenya.
“NC4 has established that in the recent past, there has been increased/abnormal global internet traffic targeted at several CIIs in Kenya, aimed at disrupting essential services, particularly in telecommunications, banking and education sectors,” he said.
“In this regard, it is recommended that the Kenya Education Network Trust informs all research and education institutions in Kenya to implement necessary cybersecurity measures and share with NC4 on any malicious traffic and incidents.”
The attack is a major test of President William Ruto’s plan to develop a digital super highway as part of his job-creation agenda.
Last month, while unveiling more services into the e-Citizen portal, the head of State talked of ushering the country into the era of e-governance that was supposed to make life easier for every citizen, irrespective of their status in society.
“This is the power and promise of Gava Mkononi: you have your government in the palm of your hand,” said the President.
However, he acknowledged that with most of the government services being taken online, the danger of being hacked was also pronounced.
“The imperatives of governing in the digital age come with many opportunities, as we have seen, and challenges as well. A major challenge that should concern all of us relates to the domain of cyber security,” said the President.
The protracted grounding of the eCitizen portal meant the stagnation of critical government services that Kenyans seek to access from the platform around the clock.
Among the most popular services sought by citizens on the portal are visa applications, business registrations, police clearance and applications for provisional driving licences.
Others are Higher Education Loans Board (Helb) services, foreign nationals’ initial registrations, civil registrations for marriages, Kenya Ports Authority (KPA) and the Kenya Revenue Authority (KRA) services.
About Author
