, NAIROBI, Kenya, Nov 10 – Cyber criminals are exploiting malicious Android apps, mis-configured cloud platforms & machine language as attack avenues.
The Sophos 2020 Threat Report shows how cyber attackers are raising the stakes in ransomware, increasing stealth in malicious Android apps, exploiting mis-configuration in the cloud, and abusing machine learning
The report, produced by SophosLabs researchers, explores changes in the threat landscape over the past 12 months, uncovering trends likely to impact cyber security in 2020.
“The threat landscape continues to evolve – and the speed and extent of that evolution is both accelerating and unpredictable. The only certainty we have is what is happening right now, so in our 2020 Threat Report we look at how current trends might impact the world over the coming year,” explains the report.
“We highlight how adversaries are becoming ever stealthier, better at exploiting mistakes, hiding their activities and evading detection technologies, and more, in the cloud, through mobile apps and inside networks. The 2020 Threat Report is not so much a map as a series of signposts to help defenders better understand what they could face in the months ahead, and how to prepare,” said John Shier, senior security advisor, Sophos.
The SophosLabs 2020 Threat Report, which is also summarized in a SophosLabs Uncut article, focuses on six areas where researchers noted particular developments during this past year. Among those expected to have significant impact on the cyber threat landscape into 2020 and beyond are the following:
Ransomware attackers continue to raise the stakes with automated active attacks that turn organizations’ trusted management tools against them, evade security controls and disable back ups in order to cause maximum impact in the shortest possible time.
Unwanted apps are edging closer to malware. In a year that brought the subscription-abusing Android Fleeceware apps, and ever more stealthy and aggressive adware, the Threat Report highlights how these and other potentially unwanted apps(PUA), like browser plug-ins, are becoming brokers for delivering and executing malware and fileless attacks.
The greatest vulnerability for cloud computing is mis-configuration by operators. As cloud systems become more complex and more flexible, operator error is a growing risk. Combined with a general lack of visibility, this makes cloud computing environments a ready made target for cyber attackers.
Machine learning designed to defeat malware finds itself under attack. 2019 was the year when the potential of attacks against machine learning security systems were highlighted. Research showed how machine learning detection models could possibly be tricked, and how machine learning could be applied to offensive activity to generate highly convincing fake content for social engineering. At the same time, defenders are applying machine learning to language as a way to detect malicious emails and URLs. This advanced game of cat and mouse is expected to become more prevalent in the future.
Other areas covered in the 2020 Threat Report include the danger of failing to spot cyber criminal reconnaissance hidden in the wider noise of internet scanning, the continuing attack surface of the Remote Desktop Protocol (RDP), and the further advancement of automated active attacks (AAA).
BCCI: The bank ‘that would bribe God’
“This bank would bribe God.” These words of a former employee of the disgraced Bank of Credit and Commerce International (BCCI) sum up one of the most rotten global financial institutions.
BCCI pitched itself as a top bank for the Third World, but its spectacular collapse would reveal a web of transnational corruption and a playground for dictators, drug lords and terrorists.
It was one of the largest banks cutting across 69 countries and its aftermath would cause despair to innocent depositors, including Kenyans.
BCCI, which had $20 billion (Sh2.1 trillion in today’s exchange rate) assets globally, was revealed to have lost more than its entire capital.
The bank was founded in 1972 by the crafty Pakistani banker Agha Hasan Abedi.
He was loved in his homeland for his charitable acts but would go on to break every rule known to God and man.
In 1991, the Bank of England (BoE) froze its assets, citing large-scale fraud running for several years. This would see the bank cease operations in multiple countries. The Luxembourg-based BCCI was 77 per cent owned by the Gulf Emirate of Abu Dhabi.
BoE investigations had unearthed laundering of drugs money, terrorism financing and the bank boasted of having high-profile customers such as Panama’s former strongman Manual Noriega as customers.
The Standard, quoting “highly placed” sources reported that Abu Dhabi ruler Sheikh Zayed Sultan would act as guarantor to protect the savings of Kenyan depositors.
The bank had five branches countrywide and panic had gripped depositors on the state of their money.
Central Bank of Kenya (CBK) would then move to appoint a manager to oversee the operations of the BCCI operations in Kenya.
It sent statements assuring depositors that their money was safe.
The Standard reported that the Sheikh would be approaching the Kenyan and other regional subsidiaries of the bank to urge them to maintain operations and assure them of his personal support.
It was said that contact between CBK and Abu Dhabi was “likely.”
This came as the British Ambassador to the UAE Graham Burton implored the gulf state to help compensate Britons, and the Indian government also took similar steps.
The collapse of BCCI was, however, not expect to badly hit the Kenyan banking system. This was during the sleazy 1990s when Kenya’s banking system was badly tested. It was the era of high graft and “political banks,” where the institutions fraudulently lent to firms belonging or connected to politicians, who were sometimes also shareholders.
And even though the impact was expected to be minimal, it was projected that a significant number of depositors would transfer funds from Asian and Arab banks to other local institutions.
“Confidence in Arab banking has taken a serious knock,” the “highly placed” source told The Standard.
BCCI didn’t go down without a fight. It accused the British government of a conspiracy to bring down the Pakistani-run bank. The Sheikh was said to be furious and would later engage in a protracted legal battle with the British.
“It looks to us like a Western plot to eliminate a successful Muslim-run Third World Bank. We know that it often acted unethically. But that is no excuse for putting it out of business, especially as the Sultan of Abu Dhabi had agreed to a restructuring plan,” said a spokesperson for British Asians.
A CBK statement signed by then-Deputy Governor Wanjohi Murithi said it was keenly monitoring affairs of the mother bank and would go to lengths to protect Kenyan depositors.
“In this respect, the CBK has sought and obtained the assurance of the branch’s management that the interests of depositors are not put at risk by the difficulties facing the parent company and that the bank will meet any withdrawal instructions by depositors in the normal course of business,” said Mr Murithi.
CBK added that it had maintained surveillance of the local branch and was satisfied with its solvency and liquidity.
This was meant to stop Kenyans from making panic withdrawals.
For instance, armed policemen would be deployed at the bank’s Nairobi branch on Koinange Street after the bank had announced it would shut its Kenyan operations.
In Britain, thousands of businesses owned by British Asians were on the verge of financial ruin following the closure of BCCI.
Their firms held almost half of the 120,000 bank accounts registered with BCCI in Britain.
The African Development Bank was also not spared from this mess, with the bulk of its funds deposited and BCCI and stood to lose every coin.
In Britain, local authorities from Scotland to the Channel Islands are said to have lost over £100 million (Sh15.2 billion in today’s exchange rate).
The biggest puzzle remained how BCCI was allowed by BoE and other monetary regulation authorities globally to reach such levels of fraudulence.
This was despite the bank being under tight watch owing to the conviction of some of its executives on narcotics laundering charges in the US.
Coast politician, the late Shariff Nassir, would claim that five primary schools in Mombasa lost nearly Sh1 million and appealed to then Education Minister George Saitoti to help recover the savings. Then BoE Governor Robin Leigh-Pemberton condemned it as so deeply immersed in fraud that rescue or recovery – at least in Britain – was out of the question.
“The culture of the bank is criminal,” he said. The bank was revealed to have targeted the Third World and had created several “institutional devices” to promote its operations in developing countries.
These included the Third World Foundation for Social and Economic Studies, a British-registered charity.
“It allowed it to cultivate high-level contacts among international statesmen,” reported The Observer, a British newspaper.
BCCI also arranged an annual Third World lecture and a Third World prize endowment fund of about $10 million (Sh1 billion in today’s exchange rate).
Winners of the annual prize had included Nelson Mandela (1985), sir Bob Geldof (1986) and Archbishop Desmond Tutu (1989).
East Africa celebrates top women in banking and finance
The Angaza Awards for Women to watch in Banking and Finance in East Africa took place Online via Zoom on 8th June 2021.
The event was set to celebrate the top 10 women shaping banking and finance across East Africa. The 2021 Angaza Awards, which will be a Pan-African Awards program, was also announced at the event.
Key speakers at this webinar were Dr Nancy Onyango, Director of Internal Audit and Inspection at the IMF; and Gail Evans, New York Times Best Selling Author of Play Like a Man, Win Like a Woman and former White House Aide and CNN Executive Vice President.
Dr Nancy Onyango advised women to deep expertise in their fields, spend time in forums and link with key players in that sector.
“Gain exposure with other cultures by seeking for employment overseas and use customized CV for each job application,” said Dr Onyango.
According to Gail Evans, women should show up and be fully present in meetings and not be preoccupied with other issues.
“Be simple and avoid jargon. Multi-tasking only means that you are mediocre Smart people ask good questions in a business meeting. Most women face drawbacks due to perfectionism, procrastination and fear of failure, said Evans.
She advised women to play like a man and win like a woman, be strategic, and intentionally make their moves to get to the top.
“For us to pull up businesses that have been affected by effects of COVID-19 pandemic, we need to re-invent business models, change the product offering and make more use of digital platforms,” said Mary Wamae Equity Group Executive Director.
Mary Wamae emerged top at the inaugural Angaza awards( East Africa) ahead of other finalists.
While women continue to excel in banking and finance, the number of that occupies top executive positions is still less.
“There is a gap for women occupying C suite level and it continues to widen in the finance sector. At entry level, there is still an experience gap for women,” said Nkirote Mworia, Group Secretary for UAP-Old Mutual Group.
She said that at the Middle Management level, women do not express their ambition. For this reason, UAP-Old Mutual has developed an executive sponsorship program to help women get to the next level.
Mworia added that most women hold the notion that top positions in management have politics and pressure.
“One needs leadership skills and not technical expertise to get to the top,” said Mworia.
According to Catherine Karimi, Chief Executive Officer and Principal Officer of APA Life Assurance Company, women need to focus on the strengths and natural abilities that they already have.
“Take risks and raise your hand to get to the high table. Find mentors along the way and develop your own brand and not compare yourself with others Focus on your strengths because it will make you move faster in the career ladder,” said Karimi.
Lina Mukashyaka Higiro, a Rwandan businesswoman and chief executive officer of the NCBA Bank Rwanda since July 2018, has three lessons for women who want to excel in banking and finance.
“Always spend at least 20 minutes each day reading, seeking genuine feedback from other staff members and widen your network,” Higiro told the webinar.
Women picked for Angaza awards
Mary Wamae, Executive Director, led this year’s Top 10 Women in Angaza Awards, Equity Group (Kenya)(2)Catherine Karimi, Chief Executive Officer, APA Life Insurance Company (Kenya)(3)Lina Higiro, Chief Executive Officer, NCBA Bank (Rwanda)(4)Elizabeth Wasunna Ochwa, Business Banking Director, Absa Bank (Kenya)(5)Joanita Jaggwe, Country Head of Risk and Compliance, KCB Group (South Sudan)(6) Millicent Omukaga, Technical Assistance Expert on Inclusive Finance, African Development Bank (Kenya)(7)Emmanuella Nzahabonimana, Head of Information Technology, KCB Group (Rwanda)(8)Judith Sidi Odhiambo, Group Head of Corporate Affairs, KCB Group (Kenya)(9)Rosemary Ngure, ESG & Impact Manager, Catalyst Principal Partners (Kenya) and(10)Pooja Bhatt, Co-Founder, QuantaRisk and QuantaInsure (Kenya).
The Kenyan Wallstreet, a financial media firm, partnered with Kaleidoscope Consultants to raise awareness of seasoned women shaping and influencing the sector through their organizations.
The Angaza Award criteria included assessing the applicants’ area of responsibility and contribution to firm performance. Professionals in Banking, Capital Markets, Insurance, Investment Banking, Fintech, Fund Management, Microfinance, and SACCOs were invited to submit their applications or nominations via the Kenyan Wallstreet Award Web page.
IFC in New Partnership to Develop Affordable Housing in Mombasa County
NAIROBI, Kenya, Jun 14 – International Finance Corporation, a member of the World Bank Group, has signed a new deal in support of affordable housing in Kenya.
The corporation has partnered with Belco Realty LLP, to develop a mixed use affordable living complex that will consist of 1,379 residential units and over 4,500 square meters of retail and commercial spaces in Kongowea, Mombasa County.
Together with the Kenyan firm, IFC says the partnership will help meet surging demand for housing in Kenya.
Under the agreement, IFC will help identify suitable international strategic partners to invest equity of up to $12 million, or Sh1.3 billion in Belco and to provide the company with the necessary technical support to develop the project.
The development, known as Kongowea Village, will be developed to foster inclusive and affordable community living within the city.
Jumoke Jagun-Dokunmu, IFC’s Regional Director for Eastern Africa says the project, which will be located on eight acres within the heart of Mombasa city, will aim to be a catalyst for wider city regeneration.
The project will be developed to meet IFC EDGE certification requirements and will incorporate the latest technologies in passive cooling, energy efficiency and water conservation to support sustainable urbanization.
Kongowea Village is expected to create 1,160 jobs and business opportunities during the three-year construction period and many more after completion of the project within the themed retail arcade.
“Access to quality housing is a growing problem in Kenya and across Africa,” said Jumoke Jagun-Dokunmu, IFC’s Regional Director for Eastern Africa.
“Developers often target the high end of the market, but this project is aimed squarely at the lower-income bracket. Helping Belco identify the right partners for this project is expected to attract more developers to Kenya and other parts of Africa to help meet rising demand for housing.”
“IFC‘s engagement with Belco will help Kenya support its rapidly growing and urbanizing population by increasing access to affordable housing. The problem is similar across most of Africa, where population growth and demand for quality housing are combining to outstrip supply. We are pleased to partner with a company such as Belco that is committed to contributing to solving this challenge,” said Emmanuel Nyirinkindi, IFC‘s Director for Transaction Advisory Services.
IFC’s partnership with Belco is part of its broader strategy to support better access to affordable housing in Kenya.
In 2020, IFC invested $2 million in equity in the Kenya Mortgage Refinance Company (KMRC) to help increase access to affordable mortgages and support home ownership in the country.