BUSINESSFEATURED STORY

Explained: How Ransomware Attacks Work, as KAA, Naivas Hit

Share
In a statement, Naivas disclosed that it had engaged cybersecurity firm CrowdStrike following a data breach. [Photo/ RMS]
In a statement, Naivas disclosed that it had engaged cybersecurity firm CrowdStrike following a data breach. [Photo/ RMS]
Share

With cyberattacks on the increase in Kenya, businesses of all sizes face a range of attacks. Hits in the past month on Naivas Supermarkets and Kenya Airports Authority (KAA) have brought to the fore the threat of ransomware attacks, particularly on large organizations.

Both Naivas and KAA saw their data compromised after failing to meet the demands of the attackers. In the Naivas leak, data captured by the attackers exposed the supermarkets’ customers to more threats including phishing attacks as it includes sensitive customer information.  In the KAA leak, fears of security being compromised were abound as the hackers leaked several gigabytes of the authority’s data including layouts of airports, as well as confidential email conversations.

What Are Ransomware Attacks?

Ransomware is a type of malware designed to deny an individual or an organization access to their files. Attackers gain access to the files on a computer or shared server and encrypt them, denying a user or organization access to their data. They then demand a ransom payment in exchange for the decryption key, with the payment often made through cryptocurrency. In some cases, such as the Naivas and KAA ransomware attacks, they include an element of  data theft – providing greater incentive for victims to pay the ransom. In the KAA attack, the attackers demanded Ksh67.6 million while threatening to release the data, but KAA termed the data breach insignificant while failing to pay up.

READ>Unsecured Loans That Enable You To Achieve Your Big Dreams

Ransomware today is one of most prominent types of malware. Across the world, attackers are targeting organizations including dating apps, ecommerce platforms, hospitals, insurers and medical companies and holding sensitive data hostage.

Kenya National Bureau of Statistics (KNBS) data indicates that cybersecurity advisories issued to companies increased by 3,693 percent from 81,727 in 2020 to 3.1 million advisories in 2021. The adoption of improved detection technology played a part.

Total cyber threats rose by 142 percent from 139.1 million to 339.1 million over the same period. Of the cyber threats reported, system vulnerabilities rose from from 114,675 in 2020 to 58 million in 2021. Reported Botnet/DDOs threats also increased from 4.1 million in 2020 to 92.1 million in 2021.

The consistent increase in attacks has been attributed to the growing number of cyber threat actors such as hacktivists, state-sponsored groups, organized cybercriminals, and cyber terrorists.

NEXT>Safaricom Increases 5G Coverage To 21 Counties

Written by
BUSINESS TODAY -

editor [at] businesstoday.co.ke

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Follow Us

Related Articles
iHub expands operations in east africa
BUSINESS

Tech Incubator iHub Pumps Sh1.3 Billion in Startups, Eyes Regional Expansion

Africa’s Pioneering tech incubator - iHub - is pushing for greater Pan-African...

National Bank of Kenya - NBK Kenya profit 2024
BUSINESS

NBK Shakes Kenya’s Banking Industry With 142% Growth in Profit

The National Bank of Kenya (NBK) has recorded an outstanding growth in...

I&M Bank Posts Pre-tax Profit of Ksh14.1 Billion
BUSINESS

I&M Bank Posts Pre-tax Profit of Ksh14.1 Billion

This week, I&M Bank reported a monster jump in its third-quarter earnings,...

The Chairman of the Kenya Power Board of Directors, Joy Brenda Masinde speaking during the launch of the Kenya Power Sustainability Strategy.
BUSINESS

Kenya Power Turns on a New Business Strategy

Kenya Power has launched its sustainability strategy that provides a roadmap for...