Monday, December 23, 2024

How Sudanese hackers brought down, compromised eCitizen and KPLC services

How Sudanese hackers brought down, compromised eCitizen and KPLC services

From Monday evening, Kenyans looking to access over 5,000 government services through the eCitizen self-service portal were met by slow service.

For 3 days, the website has been down. Sudanese hackers admitted to this malice in the wake of the ongoing diplomatic cold war between Kenya and Sudan.

A month ago, President William Ruto launched the Gava Mkononi app, which aimed at digitizing approximately 80% of all government services.

Co-Op center

On Thursday, June 27th, Kenyans received the confirmation by ICT and Digital Economy CS of the malicious hacking attempts on eCitizen and other government platforms.

“Yes the eCitizen platform was hacked and we are addressing it. They tried jamming the system by making more than ordinary requests to the system. However, no data has been accessed or lost,” he said.

The question lingering on a majority of Kenyans’ minds is, ‘How did this happen?’ In this article, we shall take a look at what the hackers did to bring down the eCitizen platform and their intended goal.

NCBA

How it happened

The government was able to restore the eCitizen service in a short span. They however continue to remain vigilant over potential cyber security attacks of such a magnitude.

The state characterised the attack as a form of Distributed Denial-of-Service (DDoS) cyber attack.

According to CloudFlare, a DDoS attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of internet traffic.

Co-Op post

In an exclusive interview, Moses Kemibaro, the CEO of Dotsavvy Africa noted that a DDoS attack is essentially a traffic jam of malicious bots clogging up a highway.

“A DDoS or Distributed Denial-of-Service, attack is essentially a form of digital congestion. It’s as if you are trying to drive on Thika Road during rush hour, but all of a sudden, thousands of additional cars, buses and trucks flood the road,” Mr. Kemibaro clarified.

How Sudanese hackers brought down, compromised eCitizen and KPLC services
An image illustration of a site traffic jam caused by malicious botnets, it is difficult to differentiate from normal site traffic – Bizna Kenya | Picture Courtesy (CloudFlare)

“Chaos, right? That’s pretty much what a DDoS attack does to a website or online service, as with eCitizen. It sends so much traffic that a website or online service can’t handle it and ends up stuck in its own digital traffic jam,” he added.

The CEO further explained that computers, known as botnets, are used to carry out cyber attacks and are infected by malware/viruses. Oftentimes, the computers are so many and are all internet connected.

Thousands of malicious botnets controlled remotely by hackers were issued with remote instructions to flood the eCitizen platform.

Each bot sent requests to eCitizen all at the same time, causing the eCitizen’s server to overload and resulting in denial-of-service to normal traffic.

For this reason, it becomes difficult to differentiate normal legitimate traffic from malicious botnet traffic.

“It is basically a form of malicious digital sabotage,” Dotsavvy’s CEO stated.

675,749FansLike
6,875FollowersFollow
8,930FollowersFollow
2,160SubscribersSubscribe

Latest Stories

Related Stories

-->
error: Content is protected !!