In 2017, Kenya had 3,599,200 million Sacco members contributing Kshs. 442.9B to the East African economic hub’s GDP making Saccos a haven for cybercriminals.
According to the Kenya Financial Sector Stability Report 2017, Saccos contributed to 5.72% of Kenya’s GDP in the year the total assets portfolio of deposit-taking Saccos grew to reach Kshs. 442.3B from Kshs. 393.5B in 2016.
The report indicated that the total asset base of deposit-taking Saccos has been on a steady increase in the past three years growing from Ksh. 342.8B in 2015 to the current Kshs. 442.9B representing a 12.4 per cent growth rate.
And with this growth, there is increased targeted cybersecurity attacks on Saccos.
According to the Sacco Cybersecurity Report 2018 by cybersecurity consultancy Serianu and Internet service provider Liquid Telecom, cybercriminals use database breaches, abuse of privileged access, malware (keyloggers), critical data manipulation, email phishing attacks and ransomware as the top six targeted attacks against Saccos.
In database breaches, attackers are leveraging database manipulation with the goal of making a profit. The attackers do this by informing victims that their systems have been compromised and refusing to change back the data until a ransom has been paid to them.
Abuse of privileged access occurs when the privileges associated with a particular user account are used inappropriately or fraudulently, either maliciously, accidentally or through willful ignorance of policies.
This attack has led to the loss of sensitive data and business intelligence within Saccos as well as downtime of systems and applications essential for business operations.
Malware (Keyloggers) are usually employed in conjunction with other malicious programmes, capturing keystrokes and sensitive information such as customers’ account numbers, passwords, and other sensitive information.
Cybercriminals leverage this attack to steal corporate confidential data, impersonate users or carry out fraudulent financial transactions within Saccos.
In critical data manipulation, attackers compromise information systems and steal sensitive data while phishing attacks mimic real communications from the Sacco which may lead to financial losses, declining market share, reputation and consumer trust.
Depending on the depth of the attack Saccos may have a more difficult time recovering.
Ransomware can be devastating to productivity as it puts all projects on hold until access to important files is regained and the system is secured from the cybercriminals.
All sensitive information is at risk of falling into the wrong hands and being erased from devices. A data breach leads to sensitive customer and organizational information being at risk.
To address these challenges, Serianu and Liquid have partnered to offer SIEMaaS, a solution to Saccos. SIEMaaS provides a technical solution in identifying and qualifying cybersecurity risks faced by the organisation to help them mitigate possible losses from internal and external fraudsters.
Acting as a firewall, SIEMaaS builds technical controls to protect access to Sacco members’ personal data and funds.
With these controls, an alert on fraudulent access is issued leading to actionable steps to avert any losses.
Serianu’s survey incorporated over 100 Sacco representatives from across Kenya with the aim of identifying the exact pain points facing Saccos and design steps that help address these challenges.
The report shows that Saccos are now a lucrative target for attackers and stand to lose the most with the recent increase in cyber threats due to limited visibility on their enterprise’s cybersecurity posture.
Serianu projections indicate that attacks targeting Saccos will double in the next year hence the need for a solution like SIEMaaS.
SIEMaaS is a first-of-its-kind integrated service combining enterprise log monitoring, cyber-threat intelligence and cloud-based threat management with reporting. It gains unparalleled visibility into insider threats with an intelligent correlation and detailed detection framework.
“We recognize that in addition to playing the deposit-taking and lending functions, many Saccos are expanding their range of member services, necessitating investment in technology infrastructure that can facilitate the transactions and link to other devices such as mobile phones,” said Serianu Chief Operations Officer Joseph Mathenge as quoted by the Nairobi Garage.
Mathenge says Serianu is working with Liquid to provide Saccos with a real-time failsafe that also targets the arrest of culprits within hours.
He adds, “Our cyber risk quantification methodology addresses the need for Sacco Directors and members to understand the financial degree of exposure and thus enables the information security teams to adequately apportion investment funds that will give a decent return, particularly in this era of evolving innovation.”