Kenya Cyber Security Report 2015
Kenya Cyber Intelligence Report
In this section of the report we share cyber threat intelligence from the Serianu Cyber Threat Command Centre (SC3). The section aims to provide an analysis of local cyber security threats, trends, and insights concerning malware, spam, and other potentially harmful business risks observed by the Serianu Cyber Threat Command Centre.

Serianu has established the most comprehensive source of Internet threat data in the country through the Serianu Cyber Threat Intelligence Network, which is made up of more than 10 monitoring sensors and records thousands of events per hour. This network monitors threat activity in Kenya through a combination of Serianu products and services such as Serianu Honeypot Network, Serianu Managed Security Services, and other third-party data sources.

For purposes of this report, we inspected network traffic inside a representative sample of Kenyan organisations. The goal was to find out whether there are malicious threats hiding inside the organisations' infrastructure that current information security solutions or practices do not detect or prevent.

We found that in all of the organisations, malicious traffic reached the end-user computers and was able to bypass the current network security solutions altogether. In all the organisations we identified at least two infected infrastructure devices (servers) and an average of 15 infected end-user computers, which were sending lots of traffic to external IP addresses of compromised or malicious hosts, known as Command and Control servers.

Key figures:
ALL organisations were exposed to malicious software that had penetrated their perimeter security.
Malicious traffic reached the end-user computers and bypassed current network security solutions.
At least 2 infrastructure devices (servers) were infected in ALL organisations.
An average of 15 infected end-user computers were sending lots of traffic to malicious hosts.
68% of attacks were customized malware.