DDoS attack hackers targeted E-Citizen at once.

DDoS Attack Kenya: All About Cyber Attack That Paralysed ECitizen, Kenya Power Among Other Services

  • The government restored the eCitizen portal after reports of cyber attacks jammed more than 5,000 services on the platform
  • Information, Communication Technology, and Digital Economy Cabinet Secretary (CS) Eliud Owalo confirmed an attempted cyberattack on eCitizen services
  • Owalo noted that the hackers tried to overload the website with many requests in a cyber attack known as Distributed Denial-of-Service (DDoS)
  • Cyber security expert Moses Kemibaro described a DDoS attack as an unexpected traffic jam clogging up the highway

For about three days, Kenyans have not been able to access more than 5,000 government services on the eCitizen platform.

This came barely a month after President William Ruto launched the Gava Mkononi app, digitising about 80% of government services.

What cyber attack affected eCitizen?

But on Thursday, July 27, Kenyans took to social media raising concerns over the service breakdown, a move that saw ICT and Digital Economy CS Eliud Owalo confirm hacking attempts on the platform.

The cyber attack paralysed essential services in the country, including Kenya Power prepaid token services via M-Pesa and some mobile banking services.

The state categorised it as a Distributed Denial-of-Service (DDoS) cyber attack and said it had restored eCitizen services.

What is a Distributed Denial-of-Service (DDoS) attack?

In an exclusive interview with TUKO.co.ke, Dotsavvy Africa Founder and CEO Moses Kemibaro described a Distributed Denial-of-Service (DDoS) cyber attack as an unexpected traffic jam clogging up the highway.

"A DDoS, or Distributed Denial of Service, attack is essentially a form of digital congestion. It's as if you are trying to drive on Thika Road during rush hour, but all of a sudden, thousands of additional cars, buses, and trucks flood the road.
"Chaos, right? That's pretty much what a DDoS attack does to a website or online service, as with eCitizen. It sends so much traffic that a website or online service can't handle it and ends up stuck in its own digital traffic jam!" he explained.

According to Cloudflare, a DDoS attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of internet traffic.

How did the DDoS attack happen on E-Citizen?

Kemibaro noted that DDoS cyber attackers use a bunch of computers infected by a virus or malware.

The computers, collectively referred to as a botnet and controlled remotely by a hacker, direct requests all at once to the eCitizen portal, causing an overload.

"Well, hackers who launch a DDoS attack use a bunch of computers (like, thousands of them, globally) that they've infected with a virus. It's like having a digital army of computers, also called a botnet, at their disposal, ready to unleash chaos.
In Kenya's case, they sent this botnet to visit eCitizen all at once, causing a serious overload. It's basically a form of digital sabotage," he continued.

How to identify and prevent DDoS cyber attacks

The expert said that preventing DDoS attacks is not easy and requires a multi-layered approach.

"Organizations can install rate limiting on the network level, which restricts the number of requests a server will accept in a certain timeframe from a single IP address.
"Advanced threat intelligence systems can help identify botnet traffic patterns and block them. Think of it like traffic police that divert cars when there's an accident, so these services direct the traffic through different servers, which act like filters to keep out the bad stuff and let through the good."

The biggest issue with identifying a DDoS attack is that its symptoms resemble the usual issues technology users encounter on a daily basis, Fortinet wrote.

The issues include slow upload or download performance speeds, the website becoming unavailable to view, a dropped internet connection, unusual media and content, or excessive spam.

How to avoid DDoS cyber attack

Kemibaro urged computer users to keep their devices updated and avoid suspicious links and websites.

"On a personal level, everyone should ensure that their devices are secure to prevent them from being a part of these DDoS botnets.
This includes keeping software and hardware updated, using strong and unique passwords, and being cautious about clicking on suspicious links or downloading untrusted software. Digital security isn't a one-time deal - it's an ongoing commitment," he advised.

He said the attacks on eCitizen are a wake-up call, to keep learning, stay updated on new threats, and adopt best practices for online safety.

Who initiated DDoS cyber attacks on eCitizen?

There were reports that a racket of cyber attackers from Sudan were responsible for hacking attempts on eCitizen and some private entities.

TechCabal established that a cyber attack group dubbed Anonymous Sudan was behind the websites' security breach.

Kenya's pronouncement on the state of the conflict in Sudan has been pointed to as the motivation behind the unforeseen attacks.
