Kenya on High Alert as Sophisticated Cyber-Attacks Target Key Government Portals
Kenya’s national cybersecurity apparatus is on high alert following a coordinated wave of sophisticated cyber-attacks that have disrupted several critical government digital services over the past 72 hours. The attacks, primarily sophisticated distributed denial-of-service (DDoS) campaigns, have targeted key portals including the e-Citizen platform, the Kenya Revenue Authority’s iTax system, and the Judiciary’s e-filing service, causing significant intermittent outages and hampering service delivery to citizens and businesses. The National KE-CIRT/CC (Kenya Computer Incident Response Team Coordination Centre) has confirmed it is actively mitigating the threats.
Preliminary investigations by technical teams point to the involvement of a hacktivist group with suspected international links. The attackers have not only flooded government servers with traffic to overwhelm them but have also attempted to exploit vulnerabilities in older web applications to gain unauthorized access to sensitive data. We are seeing a highly determined adversary. Their goal appears to be causing maximum disruption and eroding public trust in our digital infrastructure, stated a senior official from the Ministry of Information, Communication and Technology who is not authorized to speak publicly. The official confirmed that no core data has been breached, but the availability of services has been severely compromised.
The impact has been felt across the economy, with businesses unable to file tax returns, apply for permits, or access crucial regulatory documents. I’ve spent two whole days trying to download a single compliance certificate from e-Citizen. This outage is costing me real money and could jeopardize a client contract, lamented James Mwangi, a small business owner in Nairobi. The incident has sparked serious concerns among cybersecurity experts about the country’s preparedness for such large-scale digital assaults, especially with the ongoing push towards a fully digital government.
In response, the government is accelerating the implementation of its National Cybersecurity Strategy, which includes the deployment of advanced threat detection systems and mandatory security audits for all state agencies. The KE-CIRT/CC is working with international partners to trace the source of the attacks and bolster local defenses. This is a wake-up call. We must invest more in securing our digital borders with the same seriousness we secure our physical ones. The future of our digital economy depends on it, the ICT official added, signaling a renewed focus on cyber-resilience in the national agenda.