Kenyan Financial Institutions Lost Over Ksh 5.6 Billion To Cybercrime, Calling For The Need For Enhanced Cybersecurity In The Country’s Banking Sector

By Steve Biko Wafula / Published March 24, 2023 | 12:45 pm




KEY POINTS

In 2020, the Equity Bank reported that it had lost KES 1.3 billion ($13 million) to a cyber attack. The bank did not disclose the details of the attack, but it was reported that the attackers used phishing emails to access the bank's system and transfer the money to various accounts.


Kenyan Shilling

KEY TAKEAWAYS


NBK lost KES 29 million ($280,000), the KRA lost KES 4 billion ($40 million), the CBA lost KES 90 million ($900,000), the Cooperative Bank of Kenya lost KES 157 million ($1.57 million), and the Equity Bank lost KES 1.3 billion ($13 million).


Kenyan financial institutions have lost millions of dollars to cybercrime over the past few years. Some of the most significant cyberattacks have targeted banks such as the National Bank of Kenya, the Kenya Revenue Authority, the Commercial Bank of Africa, the Cooperative Bank of Kenya, and the Equity Bank.

The attacks have involved sophisticated techniques such as phishing emails, social engineering, malware, and ATM malware.

The financial losses resulting from these attacks range from hundreds of thousands to millions of dollars. For example, the NBK lost KES 29 million ($280,000), the KRA lost KES 4 billion ($40 million), the CBA lost KES 90 million ($900,000), the Cooperative Bank of Kenya lost KES 157 million ($1.57 million), and the Equity Bank lost KES 1.3 billion ($13 million).

These losses are significant and highlight the need for financial institutions in Kenya to prioritize cybersecurity to prevent further financial losses and protect customer data.

Over the past few years, cybercrime has become a major concern for Kenyan banks. The country has seen an increase in cyberattacks targeting financial institutions, leading to significant financial losses. In this article, we will look at some examples of cybercrime in Kenyan banks, the amount of money lost, and what is being done to ensure cybersecurity is a top priority.

One of the most significant cyber-attacks in Kenya was the one that targeted the National Bank of Kenya (NBK) in 2017. In this attack, the hackers managed to steal KES 29 million ($280,000) from the bank’s system. The attackers used sophisticated techniques, such as phishing emails, to access the bank’s system and transfer the money to various accounts.

In 2018, the Kenya Revenue Authority (KRA) reported that it had lost KES 4 billion ($40 million) to a cyber attack. The attackers used malware known as WannaCry to infiltrate the authority’s system and steal sensitive information. The KRA had to shut down its system to prevent further damage, leading to significant financial losses.

In 2019, the Commercial Bank of Africa (CBA) reported that it had lost KES 90 million ($900,000) to a cyber attack. The bank did not disclose the details of the attack, but it was reported that the attackers used malware known as ATM malware to steal money from the bank’s ATMs.

In the same year, the Cooperative Bank of Kenya reported that it had lost KES 157 million ($1.57 million) to a cyber attack. The bank reported that the attackers used social engineering techniques to gain access to the bank’s system and transfer the money to various accounts.

In 2020, the Equity Bank reported that it had lost KES 1.3 billion ($13 million) to a cyber attack. The bank did not disclose the details of the attack, but it was reported that the attackers used phishing emails to access the bank’s system and transfer the money to various accounts.

To ensure that cybersecurity is a top priority in the banking sector, the Central Bank of Kenya (CBK) has issued guidelines to all banks in the country. The guidelines require banks to establish robust cybersecurity frameworks to protect their systems from cyber-attacks. The guidelines also require banks to conduct regular cybersecurity assessments and audits to identify vulnerabilities in their systems.

In addition to the CBK guidelines, the Kenya Bankers Association (KBA) has established a cybersecurity center of excellence to provide training and awareness to banks on cybersecurity. The center also provides support to banks in the event of a cyber attack.

To enhance cybersecurity, some banks in Kenya have also adopted advanced technologies such as artificial intelligence (AI) and blockchain. AI is used to monitor the bank’s system and detect any suspicious activity, while blockchain is used to secure transactions and prevent fraud.

Banks have also established dedicated cybersecurity teams to manage cyber threats. These teams are responsible for monitoring the bank’s systems, identifying and addressing vulnerabilities, and responding to cyber-attacks.

Banks are also collaborating with other stakeholders such as the government, law enforcement agencies, and cybersecurity experts to enhance cybersecurity. For example, the KBA has partnered with the government to establish the National Cybersecurity Center to coordinate cybersecurity efforts in the country.

To sum up, Kenyan banks have lost millions of dollars to cybercrime over the past few years. However, the banks and regulatory authorities have taken steps to enhance cybersecurity in the sector. Guidelines have been issued, cybersecurity teams established, and advanced technologies such as AI and blockchain adopted to protect against cyber threats. By collaborating with other stakeholders, Kenyan banks are working towards making cybersecurity a top priority and preventing further losses.

Based on the information provided in the aforementioned paragraphs, the combined amount that Kenyan financial institutions have lost to cybercrime over the past few years is as follows: KES 29 million + KES 4 billion + KES 90 million + KES 157 million + KES 1.3 billion = KES 5.576 billion

Converting this to US dollars using the exchange rate of KES 1 = $0.0096 (as of March 24, 2023), the combined amount lost to cybercrime by Kenyan financial institutions is: $53,465,600

Therefore, Kenyan financial institutions have lost over $53 million to cybercrime over the past few years, highlighting the need for enhanced cybersecurity measures in the country’s banking sector.

Related Content: Modernize your Cyber Recovery Strategy with these Five Simple Steps




About Steve Biko Wafula

Steve Biko is the CEO OF Soko Directory and the founder of Hidalgo Group of Companies. Steve is currently developing his career in law, finance, entrepreneurship and digital consultancy; and has been implementing consultancy assignments for client organizations comprising of trainings besides capacity building in entrepreneurial matters.He can be reached on: +254 20 510 1124 or Email: info@sokodirectory.com

View other posts by Steve Biko Wafula


More Articles From This Author








Trending Stories










Other Related Articles










SOKO DIRECTORY & FINANCIAL GUIDE



ARCHIVES

2024
  • January 2024 (238)
  • February 2024 (187)
  • 2023
  • January 2023 (182)
  • February 2023 (203)
  • March 2023 (322)
  • April 2023 (298)
  • May 2023 (268)
  • June 2023 (214)
  • July 2023 (212)
  • August 2023 (257)
  • September 2023 (237)
  • October 2023 (266)
  • November 2023 (284)
  • December 2023 (176)
  • 2022
  • January 2022 (293)
  • February 2022 (329)
  • March 2022 (358)
  • April 2022 (292)
  • May 2022 (271)
  • June 2022 (232)
  • July 2022 (278)
  • August 2022 (253)
  • September 2022 (246)
  • October 2022 (196)
  • November 2022 (232)
  • December 2022 (167)
  • 2021
  • January 2021 (182)
  • February 2021 (227)
  • March 2021 (325)
  • April 2021 (259)
  • May 2021 (285)
  • June 2021 (272)
  • July 2021 (277)
  • August 2021 (232)
  • September 2021 (271)
  • October 2021 (305)
  • November 2021 (364)
  • December 2021 (249)
  • 2020
  • January 2020 (272)
  • February 2020 (310)
  • March 2020 (390)
  • April 2020 (321)
  • May 2020 (335)
  • June 2020 (327)
  • July 2020 (333)
  • August 2020 (276)
  • September 2020 (214)
  • October 2020 (233)
  • November 2020 (242)
  • December 2020 (187)
  • 2019
  • January 2019 (251)
  • February 2019 (215)
  • March 2019 (283)
  • April 2019 (254)
  • May 2019 (269)
  • June 2019 (249)
  • July 2019 (335)
  • August 2019 (293)
  • September 2019 (306)
  • October 2019 (313)
  • November 2019 (362)
  • December 2019 (318)
  • 2018
  • January 2018 (291)
  • February 2018 (213)
  • March 2018 (275)
  • April 2018 (223)
  • May 2018 (235)
  • June 2018 (176)
  • July 2018 (256)
  • August 2018 (247)
  • September 2018 (255)
  • October 2018 (282)
  • November 2018 (282)
  • December 2018 (184)
  • 2017
  • January 2017 (183)
  • February 2017 (194)
  • March 2017 (207)
  • April 2017 (104)
  • May 2017 (169)
  • June 2017 (205)
  • July 2017 (189)
  • August 2017 (195)
  • September 2017 (186)
  • October 2017 (235)
  • November 2017 (253)
  • December 2017 (266)
  • 2016
  • January 2016 (164)
  • February 2016 (165)
  • March 2016 (189)
  • April 2016 (143)
  • May 2016 (245)
  • June 2016 (182)
  • July 2016 (271)
  • August 2016 (247)
  • September 2016 (233)
  • October 2016 (191)
  • November 2016 (243)
  • December 2016 (153)
  • 2015
  • January 2015 (1)
  • February 2015 (4)
  • March 2015 (164)
  • April 2015 (107)
  • May 2015 (116)
  • June 2015 (119)
  • July 2015 (145)
  • August 2015 (157)
  • September 2015 (186)
  • October 2015 (169)
  • November 2015 (173)
  • December 2015 (205)
  • 2014
  • March 2014 (2)
  • 2013
  • March 2013 (10)
  • June 2013 (1)
  • 2012
  • March 2012 (7)
  • April 2012 (15)
  • May 2012 (1)
  • July 2012 (1)
  • August 2012 (4)
  • October 2012 (2)
  • November 2012 (2)
  • December 2012 (1)
  • 2011
    2010
    2009
    2008
    2007
    2006
    2005
    2004
    2003
    2002
    2001
    2000
    1999
    1998
    1997
    1996
    1995
    1994
    1993
    1992
    1991
    1990
    1989
    1988
    1987
    1986
    1985
    1984
    1983
    1982
    1981
    1980
    1979
    1978
    1977
    1976
    1975
    1974
    1973
    1972
    1971
    1970
    1969
    1968
    1967
    1966
    1965
    1964
    1963
    1962
    1961
    1960
    1959
    1958
    1957
    1956
    1955
    1954
    1953
    1952
    1951
    1950