The Sacco Societies Regulatory Authority (SASRA) has urged Savings and Credit Cooperative Organisations (SACCOS) to intensify cybersecurity surveillance across all critical systems ahead of the long Easter weekend.
According to the SASRA Chief Executive Officer, Peter Njuguna, intelligence monitoring of the trends of cybersecurity breaches in SACCOs showed that the majority of these breaches occurred mostly during long-weekend public holidays.
He disclosed that the surveillance report equally showed that these cyber breaches were predominantly perpetrated during the last 12 hours before the commencement of the long-weekend public holidays.
In a notice dated Thursday, April 17, the regulator called on cooperatives to remain vigilant by closely monitoring their digital financial platforms and other ICT infrastructure.
"In this regard, Regulated SACCOs are reminded that in long-weekends such as the Easter holidays, all Regulated Cooperatives are hereby called upon to heighten, intensify and strengthen the cyber-security monitoring and surveillance,” Njuguna commented.
He added, “Consequently, SACCOs are urged to protect their ICT infrastructures used to provide financial services to members to detect and prevent any potential cyber-attacks or breaches during the Easter holidays.”
The SASRA boss stated that SACCOs using Mobile Money channels, Internet banking and other electronic forms of accessibility to members’ accounts were among entities highly predisposed to risks of cyber-attacks.
He further revealed that SACCOs operating pay bill float accounts, which are accessible through third-party vendors’ systems, were equally vulnerable to cyberattacks.
“Regulated SACCOs and their third-party system vendors must institute round-the-clock internal control measures to detect and prevent insiders (employees) from colluding with third parties committing such cyber-attacks,” the SASRA boss noted.
Persistent cybercrime and poor governance have occasionally been highlighted as key threats derailing the operations and growth of co-operative societies in Kenya.
The increased cybercrimes targeting cooperative organisations have mainly been attributed to the inadequate capacity of the SACCO directors and senior management.
Several regulated SACCOs have in the past years reported incidents of cyber attacks, which led to a massive loss of information and members' resources.
