By 
Recent cyberattacks on Kenya’s government agencies have been linked to suspected Chinese hackers. These attacks exploited vulnerabilities in SoftEther enterprise virtual private network (VPN) software, which is commonly used for remote connections to organizational networks. Additionally, the hackers employed structured query language (SQL) injection and directory traversal exploits against web and SQL applications.
While it remains uncertain whether the attackers successfully breached these organizations, Recorded Future reported that the hackers were actively identifying vulnerabilities within the networks.
This is not Kenya’s first encounter with Chinese cyberattacks. In May 2023, Reuters reported that Chinese hackers targeted various Kenyan government departments, including the finance ministry, the president’s office, and the spy agency, in an effort to gather information about Kenya’s debt to China.
In July of the same year, a Sudanese hacker group known as “Anonymous Sudan” claimed responsibility for hacking into Kenya’s eCitizen platform, including the National Transport and Safety Authority (NTSA). They disrupted operations using a distributed denial-of-service (DDoS) attack, which they asserted was a response to Kenya’s alleged interference in Sudanese affairs.
Kenya may soon receive enhanced cybersecurity support from major tech companies. In May 2024, tech giants such as Google and Microsoft committed to digital investments in the country and pledged to provide joint support in various areas, including cybersecurity.
Comments