Oral East Africa>Central Bank of Kenya threatens jail term on cyber rumours of a bank run At the hut of the story

Written by Oral East Africa

The Central bank of Kenya has assured the public, that the banking system is safe and well capitalized and threatened those spreading rumors of cash shortfalls with jail term.

Social media reports have been circulating claims that some banks had frozen withdrawals from all accounts through mobile and internet banking while others were limiting daily withdrawals to avert the collapse of the banks due to lack of operating capital.

CBK Governor Dr Kamau Thugge has warned the intent behind these malicious attempts is to induce panic, leading to action which may destabilize the market, and that the regulator will pursue the perpetrators and charge them with criminal intent.

Cyber crime laws in Kenya confers a fine of not more than Kes5 million or a ten-year jail term for those convicted for knowingly publishing information that is false in print, broadcast, data or over a computer system, that is calculated or results in panic, chaos, or violence among citizens of the Republic, or which is likely to discredit the reputation of a person.

“We wish to emphasize that creating or circulating such information is in contravention of several laws including the Computer Misuse and Cybercrimes Act, and will lead to criminal prosecutions,” Dr Thugge said in a statement.

Regulatory assurance

The CBK said Kenya said Kenya’s banking sector remains stable and resilient, and is adequately capitalised.

Dr Thugge said all customers should continue transacting as normal, and that the CBK has not issued any press release, or other information with regard to the operation of the banking sector or any other element of its mandate.

Kenya’s financial system has remained strong despite the macroeconomic challenges of higher local and global interest rates, rise in non-performing loans and profit decline. This has been partly though firm support of the apex bank and reforms in the forex and interbank markets that has allowed capital to flow better.

The system is however vulnerable to cyber threats that could disrupt flows, and cause a panic, leading to a self-fulfilling prophesy, especially in cases of bank runs.

The International Monetary Fund (IMF) had warned Kenya to be cautious of cyberattacks on physical or digital infrastructure (including digital currency and crypto assets), as technical failures, or misuse of AI technologies could trigger financial and economic instability.

Such attacks can trigger financial instability or widely disrupt socio-economic activities, the Fund warned advising the government to tighten the screws on cyber laws.

“Continue reforms to strengthen cyber security capabilities at both government and private sector level,” IMF said.

Russian hackers

Kenya has also faced external cyber threats following President William Ruto’s shift of the country’s foreign policy to the West while shunning Russia. Kenya came under a major distributed denial-of-service (DDoS) cyber-attack that jammed networks, caused an outage of more than 5,000 public services for more than 48 hours while disabling Internet-based and mobile payment platforms, an attack that coincided with President Ruto skipping the Russia-Africa summit.

A Group called Anonymous Sudan was allegedly behind the attacks in Kenya claiming provocation from the government’s involvement in the Sudan Peace process as head of the IGAD quartet. The Sudanese army has rejected Kenya’s involvement claiming President Ruto is partisan over his previous involvement with the head of RSF militia General Mohamed Hamdan Daglo, also known as Hemetti.

Anonymous Sudan, may not actually be activists in Sudan. Previous activities of the group trace similar DDoS attacks in Sweden and Turkey ahead of the European country’s bid to join NATO. The Group claimed retaliation against Sweden was for its support over the burning of a Quran by Danish Swedish right wing activist Rasmus Paludan.

However data analysts point to the timelines of the Group’s formation before the Quran burning, the fact that this attacks vary in patterns form hacktivists Anonymous templates, use of expensive paid servers to launch the attack and similarity with Russian hackers trends of using Telegram and sharing Russian hackers socials like Killnet point to a Kremlin connection.

This means Kenyan lenders are finding themselves facing a non-traditional challenge of well funded state linked actors engaged in cyberwarfare which requires a higher level of vigilance, offline back up, secure logins and training of staff against social engineering to avoid breaches, especially key IT personnel whose access points are a systems biggest vulnerability.