In Kenya, citizens are currently facing a severe cyber attack, resulting in a paralysis of essential online services. Reports indicate that numerous systems have been compromised, leading to widespread disruptions throughout the nation. Among the affected services are Safaricom’s M-Pesa and mySafaricom apps, critical platforms provided by the telecommunication giant, which are now reported inoperative and impacting millions of users. Furthermore, customers are experiencing difficulties in acquiring Kenya Power Tokens, as this service is also non-functional at present. The situation has caused extensive challenges for the country, leaving many grappling with the consequences of this cyber attack.
Moreover, the Kenyan government’s online service platform, Ecitizen, has been offline for several days. This gateway provides access to various crucial services, including the National Transport and Safety Authority (NTSA), Immigration, Police Clearance, Business Registration, County Government services and more. The disruption has inconvenienced Kenyans who are now unable to access these systems.
Financial services are also feeling the heat as numerous services linking different banks to M-Pesa are non-operational.
Anonymous Sudan, a hacker group affiliated with Sudan, has claimed responsibility for these disruptions. The group announced through a Telegram channel that it is orchestrating the attacks, causing chaos across the digital landscape of Kenya.
In a more concerning development, the group has also claimed, through screenshots shared on social media, in the same Telegram group, that it has infiltrated the systems of the Kenya Revenue Authority (KRA). They claim to have access to personal data of individuals, a revelation that may spark panic and anxiety among Kenyans.
Despite the ongoing cyber attack and the subsequent service outage, no official statements have been released by the affected companies, including Safaricom and Kenya Power. (Update: Kenya Power confirms disruption of services, without mention of reasons.) The only confirmation so far comes from ICT Cabinet Secretary Eliud Owalo, who addressed the Ecitizen services disruption. He confirmed that the platform has been attacked, but assured Kenyans that no data was accessed during the breach.
This incident underlines the vulnerability of the cyber environment and the need for strengthened security measures to safeguard digital systems. As we wait for a resolution to this dire situation, it is hoped that the relevant authorities will take the necessary steps to not only restore services but also enhance their cyber defenses to prevent a recurrence of such debilitating attacks.
For now, millions of Kenyans are left in uncertainty as they wait for the return of these vital services. Amid this crisis, the onus lies on the affected companies and the government to ensure timely communication and swift action to mitigate the impact of the ongoing disruptions.