Anonymous Sudan threatens to attack Kenyan infrastructures

July 27, 2023

The notorious threat group Anonymous Sudan has recently issued a threat against key infrastructure in Kenya, warning of looming cyberattacks. The group, allegedly composed of Sudanese hackers, announced the threats on its dark web site and Telegram channel.

Despite Kenyan companies upgrading their cybersecurity defences in response to the attacks, Anonymous Sudan seemed undeterred. Reports indicate that Kenyan businesses have taken measures such as transitioning from Cloudflare to Radware, but the threat group remained unfazed by these changes.

One of the group’s primary targets is the eCitizen website, an essential platform providing a single access point for Kenyan government services. News sources in Kenya reported that the eCitizen website experienced a temporary shutdown due to a suspected cyberattack following the threat. However, the website has been restored and is accessible to the public.

Anonymous Sudan’s malicious activities did not stop at the eCitizen website. In its Telegram channel, the group announced its next target: the National Transport and Safety Authority (NTSA). The NTSA was formed to streamline the operations of Kenya’s various road transport departments.

As of now, the NTSA website remains accessible despite the threat.

No evidence suggests that Anonymous Sudan has stolen vital information or databases from the affected Kenyan websites.

The Kenyan authorities are working together to mitigate the risks posed by cybercriminals. The situation is being closely monitored, and all necessary precautions are being implemented to safeguard Kenyan infrastructures and their sensitive data.

Anonymous Sudan is known for launching denial-of-service attacks on their targets, with the group reportedly composed of politically and religiously driven hacktivists from Sudan.

The group’s operations are primarily DDoS attacks, amplified by alternating waves of UDP and SYN floods. These attacks are powerful, originating from thousands of unique source IP addresses.

The group strategically leverages public cloud server infrastructure to generate massive traffic and flood attacks. They also employ free and open proxy infrastructures, making it challenging for security analysts to trace the source of these attacks.
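Because the sources are cloud servers and open proxies, defenders usually get more from counting distinct sources per time window than from chasing individual addresses. The following added example (not from the original article) labels each window as a UDP or SYN flood and merges windows into waves so the alternation becomes visible; the window size, the threshold, the flow-record layout and the sample traffic are all assumptions constructed for illustration.

```python
from collections import defaultdict

WINDOW = 10         # seconds per bucket (assumed)
MIN_SOURCES = 1000  # unique sources per bucket that count as a flood (assumed)
SYN, ACK = 0x02, 0x10

def classify_windows(flows):
    """flows: (ts, src_ip, proto, tcp_flags) -> [(window_start, label, unique_sources)]."""
    udp, syn = defaultdict(set), defaultdict(set)
    for ts, src, proto, flags in flows:
        w = int(ts) // WINDOW * WINDOW
        if proto == "udp":
            udp[w].add(src)
        elif proto == "tcp" and flags & SYN and not flags & ACK:
            syn[w].add(src)  # bare SYN: opens a handshake, may never finish it
    out = []
    for w in sorted(set(udp) | set(syn)):
        u, s = len(udp[w]), len(syn[w])
        if max(u, s) < MIN_SOURCES:
            label = "normal"
        else:
            label = "udp_flood" if u >= s else "syn_flood"
        out.append((w, label, max(u, s)))
    return out

def find_waves(windows):
    """Merge adjacent flood windows of one type into (label, start, end, peak_sources)."""
    waves = []
    for w, label, n in windows:
        if label == "normal":
            continue
        if waves and waves[-1][0] == label and waves[-1][2] == w:
            _, start, _, peak = waves[-1]
            waves[-1] = (label, start, w + WINDOW, max(peak, n))
        else:
            waves.append((label, w, w + WINDOW, n))
    return waves

def alternations(waves):
    """Count switches between flood types across consecutive waves."""
    return sum(1 for a, b in zip(waves, waves[1:]) if a[0] != b[0])

def sample_flows():
    """Constructed traffic: UDP wave, quiet gap, SYN wave, UDP wave."""
    plan = [(0, "udp", 0, 3000), (10, "udp", 0, 3000), (20, "tcp", SYN, 40),
            (30, "tcp", SYN, 2500), (40, "tcp", SYN, 2500), (50, "udp", 0, 1500)]
    return [(ts + i % WINDOW, f"198.18.{i >> 8}.{i & 255}", proto, flags)
            for ts, proto, flags, n in plan for i in range(n)]
```

Feeding `sample_flows()` through `classify_windows` and `find_waves` yields three waves with two switches between flood types; in production the tuples would come from NetFlow/IPFIX or firewall logs rather than the generator.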

Organisations and governmental bodies must remain vigilant and proactive in their cybersecurity strategies. Timely measures must be taken to combat potential cyberattacks and protect vital infrastructure from malicious actors.

Our experts from iZOOlogic closely monitor the situation and will provide updates as they arise.
