Mapping Cyberthreats and crimes in Kenya

By: OOC

By Allan Ong’ato, Advocate

Cyber security refers to the collection of tools, policies, security concepts, guidelines, security safeguards, risk management approaches, actions, best practices, assurance and technologies that can be used to protect cyber technologies.[1]

Kenya had for a long time lacked proper mechanisms to counter cybercrime. A cybercrime countermeasure is defined as an action, process, technology, device or system that serves to prevent or mitigate the effects of a cyber attack against a computer, server, network or associated device. A countermeasure can be either technical or regulatory. Technical measures include advising computer and network users to use internet protection such as strong, unique passwords to protect themselves from hackers, while regulatory measures include legal frameworks that define and detail the conditions for prosecution of cybercrime.

Prior to enactment of the Computer Misuse and Cybercrimes Act in 2018, the Interpretation and General Provisions Act still required production of a physical document for purposes of adducing evidence in Court. This meant that the production of information and evidence generated, sent or stored in magnetic, optical or computer memory was still contentious. The Evidence Act Cap. 80 of the Laws of Kenya would however later be amended to allow the admissibility of digital evidence in court.

In Kenya, the Kenya Information and Communications Act establishes a body known as the National Computer Emergency Response Team (CERTS), whose mandate is to fight cybercrime in Kenya. In February 2012, Kenya entered into an agreement with a United Nations agency on the implementation of a national focal point for coordinating responses to cyber security incidents in the country.

In this regard, and in line with the mandate given to it under the Kenya Information and Communications Act, 1998, to develop a national cyber security management framework and in order to mitigate cyber threats and foster a safer Kenyan cyberspace, the Communications Authority of Kenya (CA) set up the National Kenya Computer Incident Response Team – Coordination Centre (National KE-CIRT/CC), a multi-agency collaboration framework which is responsible for the national coordination of cyber security as Kenya’s national point of contact on cyber security matters.

The National KE-CIRT/CC coordinates response to cyber security matters at the national level in collaboration with relevant actors locally and internationally. The National KE-CIRT/CC is based at the CA Centre and comprises staff from the Communications Authority and law enforcement agencies.

The National KE-CIRT/CC detects, prevents and responds to various cyber threats targeted at the country on a 24/7 basis, having commenced round-the-clock operations in 2017.

The National KE-CIRT/CC therefore acts as the interface between local and international ICT service providers whose platforms are used to perpetrate cybercrimes, and our Judicial Law and Order Sector which investigates and prosecutes cybercrimes.

The functions of the National KE-CIRT/CC include the following:

  • Implementation of national cyber security policies, laws and regulations.
  • Cyber security awareness and capacity building.
  • Early warning and technical advisories on cyber threats on a 24/7 basis.
  • Technical co-ordination and response to cyber incidents on a 24/7 basis in collaboration with various actors locally and internationally.
  • Development and implementation of a National Public Key Infrastructure (NPKI).
  • Research and development in cyber security.
  • Promote and facilitate the efficient management of critical Internet resources.
  • Offering advisories on cyber security matters and coordinating cyber incident response in collaboration with relevant actors locally, regionally and internationally;
  • Acting as the national trusted point of contact for information security matters;
  • Gathering and disseminating technical information on computer security incidents;
  • Carrying out research and analysis on computer security;
  • Capacity building in information security and creating and maintaining awareness on cybersecurity-related activities; and,

Cyber security collaboration

In view of the cross-border nature of cybercrime, international collaborations are essential to combating it and are a core component of cyber security management.

The Kenyan government is working with the International Criminal Police Organization (INTERPOL) to combat cybercrime in Kenya. Consequently, Kenya is able to leverage INTERPOL’s technical guidance for combating cybercrime, including detection, forensic evidence collection, and investigation. An information technology crime investigation manual provides a technological law enforcement model to improve the efficiency of combating cybercrimes.

The Communications Authority has enhanced its trust network at the local and international level through collaborations and information sharing with various global cyber security partners.

These partners included ITU, Forum for Incident Response and Security Teams (FIRST), Internet Corporation for Assigned Names and Numbers (ICANN), Facebook, Twitter, Google, GoDaddy, G7 24/7 Cybercrime Network and 48 other National CIRTs.

The Authority also established new collaborations with the Portuguese National CERT (CERT.PT).

Cyber threats are continuously evolving at a greater speed than the development of cyber defences. During the period January to March 2020, the National KE-CIRT/CC detected 34.6 million cyber threat events. There was an observed increase in the use of phishing emails, fake websites, fake news and email scams, which were linked to the ongoing Covid pandemic.

In response, the National KE-CIRT/CC issued advisories and best practice guides and raised public awareness via various platforms in a bid to deter and contain the criminal and fraudulent activities. It was noted that there was a need for the rapid development of a skilled cyber security workforce through training, re-training and upskilling as a critical component in enhancing Kenya’s cyber readiness and resilience.

The National KE-CIRT/CC prepares cyber security reports quarterly to better address the rapid changes in cyber security threats.


[1] Section 2 of the Kenya Information Communications Act No. 2 of 1998