Listen to This Article Enhance your reading experience by listening to this article.

The government has confirmed resumption of services on the eCitizen platform after attempted cyberattacks.

In a statement on Thursday evening, the Ministry of Interior and National Administration said the services had been paralysed since Sunday, July 23, 2023, following an attempted cyberattack on the platform through Distributed Denial of Service (DDoS) technique.

The Kithure Kindiki-led ministry said the hackers flooded the eCitizen platform that offers over 5,000 services with massive traffic from multiple sources simultaneously, overloading the system.

“The platform was overloaded and rendered unavailable to genuine users thereby causing interference of the services,” the statement read in part.

The ministry, however, affirmed that no data was accessed or lost during the incident owing to “comprehensive data protection measures put in place by the responsible agencies.”

“The attack not only indicates that we are surrounded by malicious actors, both locally and internationally, but also vindicates the government’s relentless pursuit of stronger cybersecurity measures to safeguard our Critical Information Infrastructure and data from such threats,” the ministry added.

The ministry said efforts are underway to review existing protective security controls “to remain several steps ahead of agents of crime.”

It also urged private entities to ramp up cyber security measures to avoid data breaches by cybercriminals.

“Further, all members of the public, businesses, government institutions, and private entities are advised to enhance their cybersecurity preparedness and prioritize cybersecurity as part of the collective responsibility to ensure a safe cyber environment in the country,” the ministry added.

eCitizen portal attack’s ripple effect

Kenya Power, Kenya Railways and the National Transport and Safety Authority (NTSA) were among the state agencies, whose services were allegedly affected by the attacks.

“Further to our earlier communication, accessibility to some of our services, including driver testing and licensing and public service vehicle licensing, is affected by an intermittent connection on the eCitizen network. 

“We do apologize for any inconvenience caused. The technical team is working to resolve the issue,” NTSA said in a statement.

Earlier, ICT CS Eliud Owalo also affirmed that no data was compromised during the attempted attacks.

“Over the past one week, there have been unsuccessful cyber attacks attempts targeting both the Government and the Private sectors. The eCitizen Portal is among the targets of these unsuccessful attacks,” Owalo confirmed.

“For clarity, both the privacy and security of data were not compromised. The system was not hacked,” Owalo stated.

A group identifying as Anonymous Sudan has claimed responsibility for the attack.

The group said on social media that they were targeting more government digital services.

“Kenyan retards are changing protection every few hours, first to Cloudflare now they switched to Radware. How pathetic, they don’t know nothing can stand in front of us and we will… accounts.ecitizen.go.ke no matter the protection they put. We downed their shitty site for 3 days and counting. We hope Kenyans now know who the Sudanese are, and the next will be worse, we are preparing something very big,” the group posted on Telegram.