We not that big! Why many companies in kenya do not care about being hacked!
Just recently, a major hack happened in the US that involved even the military service. Yes, the hack was so big that it shook the IT industry in what it was termed one of the best hacks worldwide. The hack involved a vendor that sells its products to big corporate companies and also sells its service to the US national government including the military.
The hack actually happened a few months before the news hit the mainstream media and investigations are still ongoing on what actually happened and how much data was breached.
Locally here in Kenya we have not heard of any major company or companies that have been hacked or have experienced some sort of hacking, for some reason that information never reaches our mainstream media. For sure someone somewhere has been hacked only that maybe the hack was just too small to warrant a whole news bulletin.
For sure most IT admins in our local companies are not so fully focused on security, apart from banks and maybe Safaricom due to Mpesa, but other than that you will find open wifi networks in institutions with direct access to internal networks or servers with no form of network separation or firewalls.
But why is so? why are IT admins not so focused on security here in kenya?
- Our company is just too small to warrant a hack – yes as this maybe true especially due to the fact that hackers are normally after big companies due to better payouts, not all hackers are on the same level and others might be after small money here and there. Also hacking is a great skill that requires resources to learn and implement, so this cannot be used as an excuse.
- We are not paid enough to secure the data – data/cyber security is an everyday job. New hacking methods are being developed every single second and its a job on its own to monitor and mitigate attacks. With that being said, most IT admins are not paid enough for them to sit down, research and learn new hacking methods. By default, the management does not like when an employee is just “sitted” reading new things. you will find the same IT admin being called in to fix a broken Microsoft word font!
- Not enough skills to avoid a hack– a hacker is by default an advanced user when it comes to computers. Hacking takes times and alot of reading and learning is required for one to became a certified hacker. Most IT admins go through the normal college/university education and do not have enough time to read, learn and research. Some do not even have enough skills to run a network of 50 people. This makes them not even interested in cyber security.
- We are not an IT related company to be hacked – yes, most people believe that only IT related companies are hacked. Unfortunately any money making company is liable and viable for a hack and this excuse should not be used as an excuse.
- Nobody knows that we exist – Unfortunately many SME companies believe they are not known and thus think they do not make the mark for a hack. Trust me, they do know who you are and what you do only that they might not be interested in you. And if they wanted you they would get to you.
- We do not even have a server – majority of people think that only a server is hacked or hackers only hack servers and not normal computers such as laptops and desktops. The do not understand that the only reason hackers attack servers is because that’s where company data is mainly stored. They need to understand that to get to the server, hackers go through the employees computers and find their way up. So even if you do not have a server, you are still hackable!
- Our network speed is slow – this was a funny one but a main concern among companies. They do believe hackers only want a fast network that they can do commands just like in the movies and thus believe the slower the network, the less susceptible they are to hackers.
So yes, those are some of the reason, kenyan companies do not pay attention too much on cyber security. We do believe this perspective might change in the near future.
If you liked this article, please share it with your family and friends, for any suggestions kindly do not hesitate to reach to me at “firstname.lastname@example.org”.