NAIROBI, Kenya, May 17 – The ICT ministry is working with parliament to push for the quick expedition of the Cyber Security and Protection Bill that proposes a fine of Sh20 million or 20 years in prison, or both for cyber terrorists and steep penalties for cyber offenders.
ICT Cabinet Secretary Joe Mucheru has said in addition to ensuring necessary laws are in place, institutions need to invest heavily on cyber security due to the rise of the vice both locally and globally.
Mucheru says this will involve putting on more effort in having backup systems that will ensure minimal disruption in the event of an attack.
Speaking during the launch of video banking by Standard Chartered Bank, Mucheru says at least 150 countries in the world have experienced serious attacks hence the need for more measure by all organisations.
“In a normal setting, when you set up a business you invest in security. You make sure you have a guard or grills at the door, or infrastructure that secures you. In the same case, when you connect to technology that now opens you to other networks and you don’t put security, anybody can come and access your systems,” CS Mucheru urged.
His statement comes following recent a worldwide ransomware attack that has so far hit hundreds of thousands of computers worldwide, including government agencies, factories and health services.
The cyberattacks started Friday last week and spread rapidly around the globe using a security flaw in Microsoft’s Windows XP operating system, an older version that is no longer given mainstream tech support by the US technology giant.
WannaCry ransomware locks access to user files and in an on-screen message demands payment of $300 (Sh30,000) in the virtual currency Bitcoin in order to decrypt the files.
Mucheru says the Kenyan government is on high alert to protect its systems like the Integrated Financial Management Information System (IFMIS).
“These cyber attacks that we are seeing, it is not new. They have been ongoing all the time. It’s only that this WannaCry has really affected many. It’s big but this is not a one-off, it’s going to continue. So we must invest heavily, and I mean heavily on security,’ the CS insisted.
The bill also addresses system interference, unlawful interceptions of electronic messages or money transfers, issuance of false e-instructions and reporting of cyber threat. It is currently being discussed at the Senate.