Kenya Power Reportedly Hacked

Monopoly electricity firm, Kenya Power, has reportedly been hacked by a hacker group from Sudan that has been for the past three days targeting government websites.

Anonymous Sudan on Thursday, July 27 claimed that they had managed to hack the electricity firm's systems, causing widespread disruptions.

Viral Tea independently confirmed that the token system was down, with attempts in purchasing a token failing.

"Transaction failed, M-PESA cannot complete payment of Ksh50.00 to KPLC PREPAID. The Organization's system receiving the payment experienced some technical challenges, try again later," read the message.

SMSs from a Kenyan trying to purchase tokens on Thursday, July 27, 2023. /VIRALTEAKE

Officials at Kenya Power however denied knowledge of the attack, as some of them told Viral Tea that the hack may have been a hoax as KPLC systems were working as per usual.

The hacker group claimed responsibility for the attack through their Telegram channel, just hours after ICT Secretary Eliud Owalo revealed that no data was compromised after the group claimed to have taken down a number of Kenyan websites including key government sites like e-Citizen and top companies.

"In some of our operations, we have attacked the Kenya Power and Lighting Company and we will continue to attack more. Everyone thinks that all our attacks are Distributed Denial-of-Service (DDoS) but we managed to get access to all the backend," the group posted.

The group in another screenshot seen by Viral Tea also complained about how Kenya was changing cyber protection every few hours to avert the attacks, vowing not to be unshaken as they continued with their threats to plunder the e-Citizen website.

Statements earlier posted by Sudan Annonymous claimed that the move to target the Kenyan websites was motivated by their protest against Kenya's alleged interference with the country's affairs, though the group did not substantiate how Kenya was meddling with the affairs of Sudan.

Government websites offering services to Kenyans like e-Citizen and NTSA have been experiencing downtimes since Monday, July 24, affecting applications and renewal of Driving Licences, birth certificates, business registrations, marriage certificates, passports, and certificates of good conduct among others. 

CS Owalo, who spoke during an interview with Spice FM, confirmed that the attack took place but asserted that it would not prevent the government from digitizing all its records and services as planned by President William Ruto.

"Yes, and to me that is not strange because cyber attacks are predominant the world over. We cannot stop digitizing our records and services because we are risk-averse. What we need to put in place is an elaborate risk-mitigation framework which we are ready for anyway.

"There was an attack, we are addressing that, we are not just coming up with instant remedy of measures to address the current situation, we are ensuring that around this digitization space, we are building an elaborate risk-mitigation framework for purposes of sustainable digitization," the CS explained.

Viral Tea learnt that the system first experienced issues when users sought services before it became inaccessible. Reports indicated that the hacks spread to blue-chip firms including a leading media outlet and a leading telco as the hackers allegedly protested President Ruto's meddling in Sudanese internal affairs.

Private companies managed to restore their websites within hours after they were victims of the daring hacks, but it was government websites that were the most vulnerable, as most of them did not have proper web security features.