The government of Kenya’s e-services is under attack. The e-Citizen platform, which hosts several essential public services and sensitive data, came under a distributed denial of service (DDoS) attack. For days now, no one can access these crucial services online. A collective of hackers claiming to be associated with Anonymous Sudan took responsibility.
By Thursday, 27th of July, Kenyans could not buy electricity tokens due to a network outage. Transactions on M-Pesa and some mobile banking platforms also became inaccessible. Services such as payments and revenue collections were negatively impacted.
Many had to find cash alternatives to digital banking services and mobile payments. The magnitude of interference raises concerns about the government’s readiness to transition to digital financial services in a secure and well-planned manner.
The lack of dependability of government services provided online is a cause for concern, especially for individuals with a disability. For instance, non-disabled individuals would have little trouble seeking physical alternatives to digital transactions. It is a more significant challenge for persons with physical disabilities and those with hearing and speech disabilities who now have to contend with potential communication and physical barriers.
In a conversation on KICTANet’s Mailing List about the troubles with e-Citizen, KICTANet trustee Victor Kapiyo commented,
The e-Citizen portal has been down since yesterday. I haven’t seen any official communication explaining the downtime. Anyone knows why? A critical site like it should have 99.9% uptime, and any downtime should be communicated
The sentiments came at a time when there was no official communication from the government despite Kenyans speculating for days whether the service was down.
While some downtime in digital services is expected, prompt communication can mitigate many losses and inconveniences.
Grace Githaiga, KICTANet Convenor, highlighted the case of Uganda Immigration. The department promptly informed the country about the downtime in passport and e-visa services and offered solutions. The services were restored shortly after.
𝐓𝐞𝐦𝐩𝐨𝐫𝐚𝐫𝐲 𝐛𝐫𝐞𝐚𝐤𝐝𝐨𝐰𝐧 𝐨𝐟 𝐬𝐞𝐫𝐯𝐢𝐜𝐞𝐬. We would like to inform our clients that there is a temporary breakdown of our services both Passport and e-Visa due to internet fiber cable cuts caused by ongoing roadworks around the Headquarters… pic.twitter.com/qSZXtwyncR
— Immigration Uganda (@DCICUg) July 26, 2023
The Kenya cybersecurity fraternity advocating for better measures against online threats is hopeful that their efforts will be taken seriously now that the seriousness of the situation is apparent.
I hope Cyber Security budgets will not be shot down in boardrooms anymore.
I hope proposals will now be considered when we have services to offer. And I pray some of these are given to local talent pic.twitter.com/OnQnJxzpz2
— Bright Mawudor,PhD (@BRIGHTZEED) July 27, 2023
Kenya has a wealth of cybersecurity talents who, if given sufficient opportunity, can prevent and counter the attacks we are witnessing.
I know the Kenyan #Cybersecurity community is #lowkey happy at what is happening coz many have always been undermined &/or less appreciated. The truth is we have enough local talent to prevent, counter, & even wage a more sophisticated attack at our enemies. But, we remain humble pic.twitter.com/AHFn8UAbxa
— Jones Baraza (@JonesBaraza) July 27, 2023
The sustained DDoS attack in Kenya rendered digital services unavailable to its intended users. The lack of communication for extended periods compounded this problem. Weak cybersecurity practices contribute to the inaccessibility of digital services for people with disabilities who use technology to overcome various barriers to social inclusion and participation.