Half of cyber attacks and malware recorded in Kenyan computers originate from China, with voice over internet protocol (VoIP) the biggest security threat facing enterprises in the East African country.
The statistics were revealed in data from a report by the Telecommunication Service Providers of Kenya (TESPOK), which found cyber-attacks and security threats to businesses have risen sharply, resulting in huge financial losses to firms in Kenya.
The United States and Korea follow closely as countries that harbour computer security threats to Kenya.
Brazil, South Africa and India have also been noted for distributing the malicious software found in Kenyan computers.
The report indicated most businesses were suffering from recurrent disruptions with others not meeting the mandatory regulatory compliance due to insecure business networks.
Speaking at the launch of the Industry Computer Security Report, TESPOK chairman, Tom Omariba, said most losses are incurred in business due to low-level knowledge in cyber security.
“Cyber security awareness amongst the general public is rather low. We would like to sensitise the end users on what precautions to take when they go online,” Omariba said.
File sharing applications were listed second in terms of targeted enterprise applications, followed by email, Cacti, Cpanel, Adobe PDF, and software activation applications Joomla and WordPress.
The report shows that through analysis of threats on traffic passing through the Kenya Internet Exchange Point (KIXP), firms were losing a lot of money through illegal use of VoIP.
“By gaining control over the VoIP server and phones, attackers are able to carry out VoIP phishing scams, eavesdropping, toll fraud or denial-of-service attacks,” said the report.
The report also showed the slammer worm as the top malware found in devices used by Kenyan Internet users.
Also observed was suspiciously heavy remote access traffic targeted at IP addresses belonging to banks and insurance companies with Kenya’s Central Bank being its most recent victim where its website was brought down by hackers from Gaza.
The data was collected in the three months to June 2013 by TESPOK’s Industry Computer Security and Incident Response Team (ICSIRT), by deploying sensors in Kenyan organisations.