The Kenyan Government exposed its soft underbelly on cybersecurity when about 19 of its critical website were hacked into on June 3, 2019.
IFMIS and NYS web platforms were some of the website irregularly accessed by a group of ruthless Indonesian hackers. The hacking group, KURD defaced the websites and even placed their logo on the main web interfaces.
The more than 18 websites included the Judicial Service Commission (JSC) platform, Kenya Meat Commission (KMC), and the Immigration Department.
At the close of business on June 3, 2019, the Government Cyber Security Team had taken control of the websites and, consequently placed them under maintenance.
However, this attack raises queries on the government’s capacity to secure its data. Further, the unauthorized access to such sites as IFMIS expressly implies that such an attack can have drastic effects on the government’s financial integrity. IFMIS controls an integrated financial management system that facilitates the flow of fund from government facilities to service providers. The hacking of such a sensitive facility can encourage similar operations by rogue business and government operators.
The hacking incident reveals the under-investment by the government on cybersecurity. Authorities are yet to identify and access appropriate personnel to manage critical cybersecurity issues.