By Phyllis Migwi
In Kenya, daily life almost ground to a halt last month as millions of people found themselves unable to access more than 5,000 recently digitized critical government services. These services, ranging from national health records to e-visa applications and electricity payments, play a vital role in the functioning of the country. The widespread disruption served as a stark reminder of the significant challenge that governments in Africa face as they embark on their digital transformation journeys: securing critical infrastructure. This challenge is further underscored by the fact that the number of reported cyberattacks in Kenya between July and September of the previous year saw a staggering 200 percent increase compared to the previous quarter.
Microsoft’s latest Cyber Signals report sheds light on the critical infrastructure targeted during high-profile events and provides valuable insights into why government entities are attractive targets for cyberattacks and how threat actors infiltrate essential services. Drawing on Microsoft’s experience delivering cybersecurity support during Qatar’s hosting of the FIFA World Cup 2022™, the report offers a blueprint for governments and organizations seeking to mitigate such threats.
Government entities, much like global sporting events, are susceptible to a level of cyber risk that is unparalleled in other environments. News reports from around the world consistently highlight a rising trend in cyberattacks against state and local governments, with attacks on critical infrastructure rising from 20 to 40 percent of all nation-state attacks. This trend is particularly evident in Africa, which records some of the highest incidences of cyberattacks globally. In a recent report on Africa’s cybersecurity landscape, Kenya stood out, with 82 percent of decision-makers in the region reporting an increase in cybersecurity threats over the past year.
Recognizing the transformative potential of digital technologies, the Kenyan government has identified cybersecurity as a cornerstone for success. To combat cyber threats, it has established the National Cyber Security Authority and the National Computer Incident Response Team and is collaborating with partners to implement the National Cyber Security Strategy 2022-2027. However, as citizens demand increasingly efficient government services delivered through high-performing and always-available technology, cybersecurity threats become more diverse and complex.
One of the primary challenges facing public sector organizations is the need to collaborate with numerous contractors and third parties across extensive networks to fulfill their mandates. This complexity makes it difficult for IT teams to gain visibility into all devices and data flows across the network, expanding the attack surface for threat actors. Cybercriminals capitalize on these opportunities to launch targeted or widespread attacks, given the wealth of sensitive information held by government institutions.
Mitigating cyber threats of this magnitude demands advanced cybersecurity operations. For context, Microsoft analyzed over 634.6 million events while providing cybersecurity support for Qatari infrastructure during November and December of 2022. Security coverage spanned various essential functions, including healthcare, where critical facilities were designated for the World Cup. These high-value targets had previously fallen victim to intrusions and were highly susceptible to ransomware attacks. Protecting them required the intelligence to scan signals, isolate infected assets, and disrupt network attacks.
The question arises: How can public sector institutions ensure their cybersecurity systems can effectively thwart the heightened level of malicious activity directed their way? Microsoft’s Cyber Signals report recommends several key steps. Firstly, agencies should conduct a focused cyber risk assessment to identify potential threats specific to their organization, including contractors and suppliers. Equally critical is the implementation of a comprehensive and multi-layered security framework powered by the cloud, which includes firewalls, intrusion detection and prevention systems, and strong encryption protocols to fortify the network against unauthorized access and data breaches.
Regular security audits and vulnerability assessments should also be conducted to identify and address weaknesses within the network infrastructure. Furthermore, user awareness and training programs are crucial to educate employees and stakeholders about cybersecurity best practices, such as recognizing phishing emails, using multifactor authentication, avoiding suspicious links or downloads, and implementing least-privilege access to grant system and service access only to those who need it.
The security of critical infrastructure is a global challenge that will continue to escalate as cyberattacks become increasingly sophisticated and widespread. Recent events have demonstrated that no organization is immune to the threat posed by well-funded and determined adversaries. Defending against cybercriminals is a complex, ever-evolving, and never-ending challenge that requires not only the right technology but also shared information and strategic partnerships. Microsoft stands as one such partner, offering a range of threat protection capabilities and expertise to help organizations safeguard their critical infrastructure and navigate the evolving landscape of cyber threats.
Phyllis Migwi is Microsoft Country Manager for Kenya