This archive report was first published on 24 November 2019.
Savings and credit co-operative societies (saccos) in Kenya are exposed to cyber threats due to inadequate cyber security budgets.
According to a report by Serianu, a tech consultancy firm, 60% of the surveyed saccos do not have a real strategy in place to tackle cyber crime, while 84% have no formal standards for IT governance.
The report, dubbed 'Digital Transformation and Cyber Risk within Saccos,' also found that most of the surveyed saccos (44%) set aside Sh100,000 or less as part of their annual cyber security budget.
Between Sh100,000 and Sh0.5 million was invested in cyber security by 36% of the firms, while six percent of the surveyed saccos invested at least Sh1 million this year.
As a result, saccos have lost over Sh70 million to hackers since last year, highlighting the high risk facing billions of shillings held in customer deposits and savings.
Three individuals were arrested in Nairobi's Dagoretti area in November for their alleged involvement in the cyber crimes.
The report notes that there has been an increase in mobile banking fraud targeting saccos over the past 12 months.
Hackers steal passwords by installing malicious software and then making unauthorized changes to customer accounts.
The low number of cyber security professionals in the country compounds the struggles by financial institutions to secure customer savings and ensure confidentiality of data.
According to a recent report, the gap in cyber security skills is at an all-time high, with an estimated 1,800 professionals serving 47 million people.
In August this year, hackers gained access into the database of Nyeri-based Biashara Sacco and sent text messages to 2,000 members to withdraw their funds, causing widespread panic among the more than 120,000 members.