A sting operation by security personnel has uncovered illegal connections to Kenya Revenue Authority (KRA) servers through which hackers siphon money.
The officers seized a laptop that had been illegally connected to the KRA system. The laptop was hidden inside the network cabinet and connected through port 11 on the KRA switch. The officers also discovered bhang grown in one of the houses of the arrested suspects.
The arrest brings to 16 the number of persons who have been arrested so far. Nine of the suspects have already been arraigned in court and police were granted 20 days to complete investigations.
Hackers have intensified their illegal business and have been using tools such as keyloggers, Remote Access Tools (RATs) such as GoToMyPC, Blackshades, Progdata and malware, which they install on a PC on the institution’s network.
A demonstration of how the hackers carry out the illegal business was performed before the Commissioner General, John Njiraini. They were shown how one of their former employees planted software in one of their systems, which was sending crucial data to his system.
Among those arrested are Calvin Otieno, a former police officer who previously worked in the Directorate of Criminal Investigations (DCI) cybercrime unit, the former KRA employee and two US citizens.
Head of Special Crimes Prevention Unit Noah Katumo said the police seized an AK47 rifle and drugs from the suspects’ residences.
The police allege that the criminals have international contacts in countries such as Moldova, Belgium and France. They allegedly conspire with employees of the targeted institutions, who provide them with remote access to the networks using Remote Access Tools (RATs), and manipulate records in the computer system.
Apart from KRA, other institutions which have fallen victim include the National Transport and Safety Authority (NTSA), Saccos and the Independent Electoral and Boundaries Commission (IEBC).
Last year, KRA, NTSA and banks including DTB Bank, ABC Bank, Family Bank and Equity Bank, as well as Police Sacco, Stima Sacco and Kenya Power, fell prey to the hackers.
The suspects in police custody are a 52-year-old American, Larry Peckham II, who police say usually communicated with the son of a prominent politician and daughter, and another 32-year-old woman, Denise Huitron. Both Americans were arrested at an apartment on Riverside Drive, Nairobi.
Also nabbed are former KRA employee Edward Kiprop, Albert Komen Kipkechem, suspended KRA official David Ndungu Wambugu and Alex Mutungi Mutuku.
The police said Otieno, Kipkechem, Wambugu and Mutuku have cases pending in court over cybercrime.
It is alleged that Kiprop has been accessing the NTSA system through KRA and registering vehicles illegally. The suspects are IT graduates.
Kenya is considered one of the countries with major cases of money laundering.
In 2015, institutions in the country lost an estimated Sh15 billion to cybercrime, although the figure could be higher.
A cyber security report released in 2015 shows that the public sector was the most affected, losing more than Sh5 billion, followed by the financial service sector at Sh4 billion.
In 2013, Ogalo made an exposé on Jicho Pevu on how the IEBC and KENCALL servers were manipulated to determine the outcome of the elections. There are fears that Ogalo and his network might be targeting the IEBC in the upcoming August 2017 elections after a Russian male joined the criminal network. Furthermore, the hackers have also been linked to money laundering, drug and arms trafficking activities.
Of interest is that these hackers are working in cahoots with children of prominent politicians in the country whose intent is suspicious, as they could intend to hack into the financial systems to finance their campaigns in the 2017 general elections or to manipulate the IEBC system to get favourable campaign results.
The cybercrime network had a conspiracy to destabilize the country by influencing the upcoming 2017 general elections and also sabotaging the economy by hacking into various financial institutions in the country.