View Full Version : Concerns Grow Over VoIP Security in Kenya

VoIP News & PR
07-10-2014, 04:55 AM
Kenya’s financial institutions lose nearly Sh1.6 billion yearly to cases of fraud and cybercrime, according to a shocking report published this month by the 2013 Banking Fraud Investigations Department (BFID). Even more concerning, the statistic marks a nearly 300 percent increase over a nine month period in 2013.

As the developing world gains access to the Internet, the immense vulnerability and lack of infrastructure in these nations is exposed. Pouring resources into advancing technology and restructuring the way businesses operate is not enough to raise them among the ranks of the global economy. Often, the trappings of the internet and overexposure lead them even more susceptible to criminal activity, and in this case fraud.

Even more devastating to the hopes of Kenya and other nations, these crimes are often produced “through schemes hatched by employees, [who] took advantage of the online and mobile banking platforms to temper with the web systems in their respective banks to siphon out the cash,” according to William Makatiani, managing director of Serianu Limited, a leading IT services firm in Kenya.

As the banks become more digitized, internet transactions, online banking, mobile money transfers and cyber credit card and check payments become increasingly the norm in a country that does not possess the ability adequately protect all of these assets. Makatiani highlights the two fold advantage to these fraudsters of preying on a population with a “growing dependence” on the new infrastructure and a “perceived lower risk of detection and capture…as compare to more traditional crime.”

Hackers are preying as well on the popularity of VoIP services, breaking into private branch exchange (PBX) phone systems to make illegal and fraudulent calls on behalf of the bank they represent, and taking money from unsuspecting civilians. Banks are equally hurt as they are left completely liable for the lost money. “Car selling companies” based on the internet are also targeting unsuspecting consumers selling them ghost cars and other nonexistent goods.

Beyond the banking industry, the Kenyan government itself is facing major risks with their newly launched programs. The Kenya Revenue Authority’s iTax system, the Kenya Trade Network Agency, and the Integrated Financial Management Information System, all face serious threats. In 2013, network attacks grew by 108 percent to 5.4 million compared to just 2.6 million the previous year. Makatiani states that nearly “85 percent of all Web application in the country are unsecure and available for attacks.”

Kris Senanu, chairman of Telecommunications Service Providers of Kenya, a technology industry lobby group, sees a partnership between the private sector and the government as the solution to the growing threat. Senanu called for corporate and government organizations to impose security sanctions at the beginning of ICT (information communication technology) infrastructure creation.

The Principal Secretary in the Ministry of Information, Communications and Technology, Joseph Tiampati ole Musuni responded with the promise of a National Cybersecurity Strategy to research, create and regulate the growing problems in Kenya’s technology industry. He envisions a Kenya Computer Incident Response Team Co-ordination Center to be formed and operational by August of 2014.

The example of Kenya points to the realities of technology in developing countries. Simply dropping off advanced systems and operations at their doorstep is not enough to aid developing countries in playing catch up with the global superpowers. These are delicate states with intense structural inequalities and problems that cannot be fixed with faster processors. The entire society must play a role in the advancement of the economy and technology, and cannot leave gaping insecurities that will render them even more powerless.