In an unprecedented cyber event, Kenya’s eCitizen portal recently faced a formidable adversary – a distributed denial-of-service (DDoS) attack. This is a type of cyberattack that aims to overwhelm a system or network with a massive volume of traffic, causing disruption and potential downtime.
Recently, this has been the country’s situation. Now, as Kenya grapples with the aftermath, we explore the significance of cybersecurity in fortifying critical infrastructure and share insights on mitigating the impact of DDoS attacks. We engaged a cybersecurity expert, who delved into the intricacies of the attack, shedding light on its motivations and the ramifications it posed for the government and its citizens.
Dadaab Closure
The attack is alleged to have been in retaliation for the recent Dadaab Refugee Camp closure. The attack on the eCitizen portal was executed by a group identifying themselves as Anonymous Sudan.
“The attack on the e-Citizen platform involved an unsuccessful attempt to overload the system with extraordinary requests with the intention of clogging the system, but our technical teams blocked the source IP address from which the requests originated,” Kenya’s ICT cabinet secretary Eliud Owalo said. “However, as a result of the attack efforts, the system is experiencing intermittent interruptions that are affecting the normal speed of access to services on the platform. We will shortly return to optimal utilisation levels.”
Anonymous Sudan is believed to be a Russian hacktivist group disguising itself as Sudanese and hitting the country in support of Sudan, following Kenya’s open criticism of, and doubt about, the sovereignty of the Sudanese government. President William Ruto (Kenya) was recently appointed to lead a mediation group in an effort to end the ongoing war in Sudan.
An assessment of the impact of the attack on the eCitizen portal by Digital Experts (DXE), a cybersecurity startup in Nairobi, reported only denial of access.
Dr. Stanley Chege, CEO of DXE, said, “eCitizen portal is a lifeline for Kenyan citizens, businesses, and organizations for offering access to essential government services. Its downtime was catastrophic.”
He adds that luckily, only service unavailability and downtime characterized this particular attack, with no data leaks or loss. “We quantify the severity of disruptions experienced by users. With data on financial losses and the portal’s role as a critical touchpoint for governmental functions, we can fairly classify this as a not-severe attack, nonetheless, an attack.”
Dr. Chege mentions the cybersecurity challenges and vulnerabilities experienced during such attacks. He says, “DDoS attacks flood the targeted network with an overwhelming volume of traffic, consuming the available bandwidth. This can lead to a slowdown or complete loss of connectivity for legitimate users.”
DDoS attacks also cause network infrastructure disruption by targeting critical network infrastructure components, such as routers and firewalls, leading to network instability or downtime and complicating mitigation. Fortunately, in this case, the actors were identified. He also points out that during such attacks, distinguishing between legitimate and malicious traffic requires sophisticated filtering and analysis techniques.
Fortification Strategies
Dr. Chege proposes a multifaceted approach to the Kenyan government’s response to the attack and to cybersecurity generally: beyond reactive measures, there are proactive strategies organizations can adopt to prevent and mitigate DDoS attacks.
Top of his list of recommendations is what he refers to as a traffic analysis and anomaly detection strategy, whose implementation, he avers, can identify unusual patterns and behavior in network traffic. These systems can help detect and respond to potential DDoS attacks in real time.
The second strategy is scalable infrastructure. He observes that building a scalable and redundant network infrastructure that can absorb and handle sudden spikes in traffic ensures that the organization’s services remain available even during DDoS attacks.
He then mentions load balancers, which he describes as solutions that distribute incoming traffic across multiple servers or data centers. This, he says, not only optimizes performance but also helps distribute DDoS attack traffic, preventing overload on specific resources.
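As an added illustration of the traffic analysis and anomaly detection strategy described above (not code from DXE or the eCitizen operators), the sketch below flags time windows whose request volume departs from a median baseline and reports whether a few sources dominate the window. The traffic, addresses, window size and thresholds are constructed assumptions.

```python
from collections import Counter, defaultdict
from statistics import median

def bucket(events, window):
    """Group (epoch_seconds, source_ip) events into fixed-size time windows."""
    buckets = defaultdict(Counter)
    for ts, ip in events:
        buckets[ts - ts % window][ip] += 1
    return dict(sorted(buckets.items()))

def detect(events, window=10, k=6.0, warmup=3, share=0.2):
    """Flag windows whose request count exceeds median + k*MAD of earlier
    clean windows, and list sources holding at least `share` of the window."""
    alerts, baseline = [], []
    for start, per_ip in bucket(events, window).items():
        total = sum(per_ip.values())
        if len(baseline) >= warmup:
            med = median(baseline)
            # Median absolute deviation; fall back to 1 if traffic was flat.
            mad = median(abs(x - med) for x in baseline) or 1.0
            threshold = med + k * mad
            if total > threshold:
                heavy = sorted(ip for ip, n in per_ip.items() if n / total >= share)
                alerts.append({"window": start, "requests": total,
                               "threshold": threshold, "heavy_sources": heavy})
                continue  # keep flagged windows out of the baseline
        baseline.append(total)
    return alerts

def sample_events():
    """Constructed traffic (documentation address ranges): five quiet windows,
    one single-source flood, then one flood spread over 150 sources."""
    ev = []
    for w in range(5):
        ev += [(w * 10 + i % 10, f"198.51.100.{(i * 7 + w) % 50 + 1}")
               for i in range(20 + w)]
    ev += [(50 + i % 10, f"198.51.100.{i + 1}") for i in range(20)]
    ev += [(50 + i % 10, "203.0.113.7") for i in range(400)]
    ev += [(60 + i % 10, f"192.0.2.{i % 150 + 1}") for i in range(300)]
    return ev

if __name__ == "__main__":
    for alert in detect(sample_events()):
        print(alert)
```

The second alert lists no heavy source, which is the case where blocking individual addresses does not help and the traffic has to be separated by other means.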
My candid conversation with Dr. Chege underscores a collaborative resilience approach in tackling DDoS attacks and any other cyber crimes. Different stakeholders, including government and non-government organizations, must take the road ahead even as the eCitizen portal stands restored.
An ecosystem of public-private partnerships in sharing threat intelligence, conducting joint exercises, and strengthening cyber defenses will enhance cyber hygiene across the board, and thus resilience.
In his closing remarks, Dr. Chege says, “Experts’ insights on emerging cyber threats and the imperative of continuous vigilance guide Kenya’s journey towards a more resilient cyber frontier.” He adds, “The eCitizen portal’s DDoS attack serves as a clarion call for governments and organizations alike to invest in cybersecurity fortifications.”
By delving into the attack’s motivations, impact, and vulnerabilities, we (Kenyans) will reinforce the importance of safeguarding critical digital infrastructures, emphasizing the significance of public awareness and proactive strategies as Kenya charts its course towards a more secure cyber landscape. As the nation forges ahead, the collaborative resilience of government, businesses, and citizens shall remain the bulwark against emerging cyber adversaries, protecting Kenya’s digital realm from future threats.
Molly is a versatile and detail-oriented writer with a background in journalism & PR. She is passionate about technology, science, arts, and culture. She delves into extensive research and writing. She is a published author.