Ensure your business’ digital infrastructure survives the 2017 Kenyan elections


The high point of any democracy is the opportunity for citizens to participate in their State’s leadership through elections, general or otherwise.

In Kenya, the 2017 election has been met with immense expectation, with citizens eager to air their political views and politicians stepping up their campaigns to attain office. Politics remains the lifeblood of the Kenyan people, who seem at their best when discussing who deserves and who doesn’t deserve to sit on the Nation’s throne and why the circumstances are so.

Kenya’s elections, however, are haunted by the dark memory of 2007, when politics plunged Kenya into chaos, turning brother against brother and causing monumental destruction of property and lives. This has resulted in a phobia of democratic elections, as the threat of violence looms with just as much probability as peaceful elections.

This is evidenced by numerous organisations’ commitment to either physically fortify their local tangible assets or close shop locally for the duration of the election period.

Local cybersecurity experts are particularly intrigued

Cybersecurity researchers are equally intrigued by the nature of Kenyan elections. Their interest stems from viruses socially engineered to target Kenyan users during this period, and from how savvy organisations are leveraging cybersecurity to guarantee the physical security and the data integrity of their consumers and staff.

Moreover, competent organisations are investing in crucial business continuity solutions to enable businesses to survive the risks which could be realised by the political situation in the nation.

The Kibaki Virus: a Product of the 2007 elections

One of the enigmas of the 2007 elections was the proliferation of the “Kibaki” virus throughout Eastern and Central Africa. The virus, W32.Baki.C, struck Kenya’s digital ecosystem with impunity, due to the self-replicating nature of the worm.

Notably, once a computer was infected, the virus modified the registry so that the website associated with the threat was displayed when the computer started or whenever Internet Explorer was opened.

The page included an unsolicited request to vote for the then incumbent President Mwai Kibaki for another five years, as well as a summary of his manifesto. This highlights that the malware author was politically motivated and intended to use the virus to spread political propaganda.

One of the fundamental elements of the Kibaki virus was its ability to disable various antivirus brands. These included the Panda software, AVG and Avast4 brands, whose registry subkeys the worm promptly deleted upon infection.
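The three registry effects described above (changed browser start page, a new autorun entry, deleted security-product subkeys) can be checked against a known-good baseline. The following is an added example, not part of the original article: the article does not name the keys the worm wrote, so the standard Windows start-page and Run locations are assumed, and `ExampleAV`, the URLs and the sample export are constructed placeholders.

```python
import re

# Assumed locations: the standard Windows IE start-page and logon autorun keys.
START_PAGE_KEY = r"HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main".lower()
RUN_KEYS = tuple(k.lower() for k in (
    r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
))
VALUE_RE = re.compile(r'"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

def parse_reg_export(text):
    """Parse decoded .reg export text into {lowercased key path: {value name: string data}}."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None and (m := VALUE_RE.match(line)):
            name, data = (re.sub(r"\\(.)", r"\1", g) for g in m.groups())
            current[name] = data
    return keys

def audit(keys, baseline):
    """Return (finding, detail) tuples for deviations from a known-good baseline."""
    findings = []
    start = keys.get(START_PAGE_KEY, {}).get("Start Page")
    if start != baseline["start_page"]:
        findings.append(("start-page-changed", start))
    for run_key in RUN_KEYS:
        for name, data in keys.get(run_key, {}).items():
            if name not in baseline["run_entries"]:
                findings.append(("unknown-autorun", f"{name} -> {data}"))
    for subkey in baseline["security_keys"]:  # keys the security product should own
        want = subkey.lower()
        if not any(k == want or k.startswith(want + "\\") for k in keys):
            findings.append(("security-key-missing", subkey))
    return findings

# Constructed sample export and baseline; ExampleAV and the URLs are placeholders.
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://campaign-page.example/"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\\Program Files\\ExampleUpdater\\upd.exe"
"openpage"="iexplore.exe http://campaign-page.example/"
'''
BASELINE = {"start_page": "https://intranet.example/", "run_entries": {"Updater"},
            "security_keys": [r"HKEY_LOCAL_MACHINE\SOFTWARE\ExampleAV"]}
```

Calling `audit(parse_reg_export(SAMPLE), BASELINE)` returns one finding for each of the three behaviours; the export being audited must cover the hives that hold the security product's keys, or they will be reported as missing.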

Removal of the Kibaki Virus:

Removing the virus includes the following steps:

  • If you are running Windows Me or Windows XP, we recommend that you temporarily turn off System Restore. Windows Me/XP uses this feature, which is enabled by default, to restore the files on your computer in case they become damaged. If a virus, worm, or Trojan infects a computer, System Restore may back up the virus, worm, or Trojan on the computer.
  • Windows prevents outside programs, including antivirus programs, from modifying System Restore. Therefore, antivirus programs or tools cannot remove threats in the System Restore folder. As a result, System Restore has the potential of restoring an infected file on your computer, even after you have cleaned the infected files from all the other locations. Also, a virus scan may detect a threat in the System Restore folder even though you have removed the threat.
  • Inventory reputable antivirus software in order to update the virus definitions, run a full system scan and delete the worm from the registry.

With the growth of ransomware in 2017:

There is a probability that a new ransomware outbreak tailored specifically to the Kenyan digital market could break out. The malware authors of the Kibaki virus clearly had the agenda of spreading political propaganda. However, with the development of evolved malware such as WannaCry and Petya, much more ominous cybercriminals could take advantage of Kenya’s election fever and wreak havoc on the nation’s critical infrastructure.

Business Continuity and Cybersecurity:

With the threat of violence looming during this election, Kenyan businesses should take the following steps to safeguard their businesses:

  • Ensure that you inventory reputable
  • Ensure you can verify the backup plan. You MUST be able to test your Disaster Recovery plan. Do not let a disaster be your first test.
  • Make sure that your whole environment / workforce is being backed up – including your remote workers and any SaaS applications you are using (e.g. Office 365 / G Suite)
  • Do not leave external storage used for backups connected to your computer to eliminate the risk of infecting your backups.
  • It is essential that you replicate your backups off site to ensure business continuity in the event of a site issue.

Ransomware Protection Crucial to Enterprise

Ransomware is by far the biggest threat among enterprises. So what is ransomware? It is malicious code that blocks or encrypts the contents of a device and demands a ransom to restore access to the data.

According to research done by ESET, companies named ransomware their number one concern.

In response to customer needs and concerns, ESET integrated Ransomware Shield into its security solutions. ESET has long been providing its customers with very good behavior-based malware detection and also with Host-based Intrusion Prevention System (HIPS) that allows users to set custom rules for the protection against ransomware. However, should something slip past the 11 other security layers, Ransomware Shield will be automatically activated.

While ransomware infection often starts with clicking a suspicious link or a fictitious invoice, ESET found that email remains the most common distribution method.

To combat these scenarios, enter ESET Dynamic Threat Defense (EDTD). EDTD provides another layer of security for ESET products like Mail Security and Endpoint products. It utilizes a cloud-based sandboxing technology and multiple machine learning models to detect new, never-before-seen types of threats. As a result, attachments classified as malicious are stripped from the email and the recipient is informed about the detection.

To learn more about how ESET can protect your business, and to book a FREE in house Cybersecurity Training Session for your employees, please sign up below.


Interview: Addressing the Six Biggest Cybersecurity Challenges for Enterprise

Ken Kimani, Channel Manager of ESET East Africa, introduces the 6 biggest cybersecurity challenges for enterprises

Enterprises are under constant attack from cybersecurity threats resulting in the loss of millions in revenue annually. Factors such as ransomware, targeted attacks, insufficient network visibility, various operating systems in an organization, bad security behaviour among office staff, lack of skilled cybersecurity workforce and the level of tolerance among staff are the major causes of cyber-attacks in the country.

To mitigate these issues, ESET East Africa offers free training, suitable for all skill levels to help educate enterprises on the importance of cybersecurity.

Subscribe to our newsletter to find out more about this training, our enterprise offering and to follow our series on the 6 Biggest Cybersecurity Challenges for Enterprises.