Close Menu
    Facebook X (Twitter) Instagram
    • Home
    • Contact Us
    • About Us
    • Privacy Policy
    • Terms Of Service
    • Advertisement
    Sunday, July 19
    Facebook X (Twitter) Instagram Pinterest Vimeo
    ABS Africa TV
    • Breaking News
    • Trending
    • Africa News
    • World News
    • Features
    • Technology
    • More
      • Sports
      • Politics
      • Culture
      • Lifestyle
      • Travel
      • Business
      • Environment
      • Legal
      • Health
      • Cameroon
      • Ambazonia
      • AfroSingles
      • Environ/Climate
      • Editorial
      • The Leak Magazine
    • Donate
    Subscription
    ABS Africa TV
    Home»Technology»Hackers take over Kenya’s president’s website, demand 5 Bitcoins ransom 
    Technology

    Hackers take over Kenya’s president’s website, demand 5 Bitcoins ransom 

    Ewang JohnsonBy Ewang JohnsonJuly 18, 2026No Comments6 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    Share
    Facebook Twitter LinkedIn Pinterest Email
    Post Views: 27

    Hackers gained control of the official website of Kenyan President William Ruto (president.co.ke) on Saturday, July 18th, and defaced the president’s official website with demeaning messages.

    The unknown group responsible for the cyber attack targeted President Ruto, threatening to release ‘uncomfortable’ information if its ransom demand of 5 Bitcoins (approximately $317,215) wasn’t met.

    “This message is the third time for you; before we leak everything about you,” the message on the homepage reads. “Do a payment of 5 bitcoins to the Bitcoin wallet…. If you want peace before 6 o’clock this evening.”  

    The Kenyan government, through a response filed by the Information and Communication Technology Cabinet Secretary, William Kabogo, confirmed the attack but assured Kenyans that no official or sensitive data was compromised.

    He also clarified that emergency measures had been put in place to curtail the attack.    

    “At this time, there is no evidence of unauthorised access to sensitive data, data exfiltration, or loss of information,” Kabogo says. “Government systems and digital services remain secure and operational. As a precautionary measure, access to the Presidential website was temporarily restricted to facilitate containment, forensic analysis, and restoration efforts.”

    One attack too many: Why are government websites easy targets?

    The recent attack marks the second time within one year that this has happened. In November 2025, a cyber breach affected the president’s website and four other major ministries, including Education, Health, Interior, and Information and Communication Technology.

    Some state platforms, including the Immigration Department, the Directorate of Public-Private Partnerships, the Directorate of Criminal Investigations (DCI), and the State House website, were also affected in the breach.

    Nick Thiong’o, a Nairobi-based AI and cybersecurity practitioner, argues that the hackers’ motive extends beyond financial gain.

    Victoria Fakiya – Senior Writer

    Stop struggling to find your tech career path

    Discover in-demand tech skills and build a standout portfolio in this FREE 5-day email course

    “I don’t think whoever is targeting the president has only financial motives in mind; it’s also for show,” Thiong’o notes. “For you to target the head of state, you know you’d actually get the attention that you’re seeking.”

    Victoria Robinson, Cybersecurity Research Analyst at Ethnos Cyber Limited, believes that a mix of low cost-to-attack and high visibility payoff explains why government websites are sweet spots for attackers.

    “A .go.ke or any state domain gives instant credibility to whatever message you deface it with, Robinson explains. “You get press coverage, public panic, and leverage for extortion in one shot, which is exactly why this incident got the ‘pay 5 BTC, or we leak everything’ framing.”

    In contrast, when a random small or medium-sized enterprise website is compromised, nobody writes about it, and there is no pressure on the target. Robinson says government websites are soft targets because they are usually built by whichever contractor won a tender, then left to run with minimal in-house ownership.

    Many government websites still run vulnerable CMS builds (Drupal, WordPress, Joomla, etc), default admin creds that were never rotated, or exposed admin panels sitting on the open internet with no IP allow-listing or Multi-Factor Authentication (MFA). So it’s not that they’re always vulnerable by design; it’s that the operational hygiene around them— patching, access control, monitoring—tends to lag badly behind.

    “So, there’s likely no continuous patch cycle, no one really ‘owning’ the box after go-live,” Robinson explains.

    Artificial Intelligence has lowered the barrier

    Thiong’o says he doesn’t entirely blame Artificial Intelligence for this recent attack; the tools at hackers’ disposal today are frightening, and his worry is where these attackers will target next.

    Thiong’o says AI has lowered the barrier for attackers and that available AI tools should scare us. He argues that Large Language Models (LLMs) can be easily jailbroken to ignore their safety training and employed to cause havoc.  

    Hackers no longer need to be experts in programming languages; with the right prompts, they can leverage AI to write code that produces malware and viruses to attack vulnerable websites.  

    “We’re on the cusp of something that would be recurring,” Thiong’o says, “because we don’t know where the attackers would focus on next; the tools to create malware and prompt injections are easily available.”

    Proactive measures African governments adopt to curtail attacks

    Thiong’o’s counsel to African governments is twofold.

    First, he advocates the urgent need to assemble the best tech brains to develop local models. Also, African governments should collaborate with their Western counterparts to understand the vulnerabilities of AI models built by tech giants, while also investing more in AI security tools and intelligence systems to counter emerging threats.

    Robinson advocates that before any countermeasures can be put in place, African governments should get the basics right, because that’s usually what’s missing.

    She offers the following practical tips:

    • Enforce phishing-resistant MFA: Enforcing MFA for every admin and content-management login was once the standard advice, but times have changed. Basic SMS- or push-based MFA is now routinely defeated by adversary-in-the-middle phishing kits, SIM swapping, and push bombing. What actually holds up is phishing-resistant MFA on every admin/CMS login, keeping the CMS core and plugins patched on a real schedule. Cloudflare or similar services catch a huge chunk of defacement attempts before they ever reach the origin server.
    • Segregate environments: Separating the public web tier from anything sensitive on the back end (proper network segmentation) limits how far a front-end compromise can spread, which matters enormously in cases like this, where nobody outside the response team yet knows how deep the breach went.
    • Add file integrity monitoring:So unauthorised changes trigger alerts immediately, centralised logging with real eyes on it around the clock for high-value targets, regular independent penetration testing, and a legitimate vulnerability disclosure channel so researchers who spot a flaw have somewhere responsible to report it instead of leaving it for an attacker to find first.

    Robinson says none of these would work without a rehearsed incident response plan; the difference between a five-minute takedown-and-restore and a multi-hour public scramble usually comes down to whether the runbook was ever actually practiced.

    African governments need to realise that the pattern isn’t unique to any one country. Kenya has now had multiple public defacement incidents in under a year; similar stories have played out in Nigeria, South Africa, Ghana, and elsewhere.

    The common thread across all is structural: government digital infrastructure tends to get funded and secured as a one-off project, ‘build the website’ rather than as an ongoing capability with a maintenance and security budget attached for its entire operational life.

    So, what needs to change structurally is treating government digital infrastructure like critical national infrastructure, not a marketing brochure. Changing that outcome means changing how these assets are governed, not just how they’re built.

    “Centralise security ownership under something like a national CERT with actual authority (not just advisory),” Robinson advises. “Mandate baseline security certifications before any ministry site goes live, and fund ongoing monitoring contracts the same way you’d fund physical security for a ministry building.”

    Without that shift, the cycle is predictable: a defacement happens, a brief statement follows, a quiet fix gets applied, and the same story repeats within a matter of months.

    Hackers Kenyas over Presidents take
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Ewang Johnson
    • Website

    Related Posts

    3 Indian AI Stocks Riding The Shift To Software Defined Growth

    July 19, 2026

    China’s Xi calls for step up of global effort in AI

    July 19, 2026

    Samsung’s brand value hits US$97.4 bln this year: report

    July 19, 2026
    Leave A Reply Cancel Reply

    Search
    Latest Post

    United States Warning Reveals a Bigger Travel Risk as Iran Tensions Test the Middle East Flight Network Linking UAE, Qatar, Saudi Arabia and Jordan with Millions of Emirates, Qatar and Etihad Airways Passengers Watching Closely : Today’s Update

    July 19, 2026

    Trump called on FIFA to hold the World Cup again in the USA, but without Canada and Mexico

    July 19, 2026

    ICEDEG Africa Presents Recommendations to Finance Ministry Ahead of Mid

    July 19, 2026

    I spent 2 nights at a tiny home resort. My 260-square-foot house on wheels felt shockingly spacious.

    July 19, 2026

    Global Health Updates: Tackling New Outbreaks and Drug Developments

    July 19, 2026

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • TikTok
    ABS TV and ABS Network News is a leading Pan-African 24/7 broadcasting network delivering nonstop news, talk shows, lifestyle programs, and digital media content worldwide through Satellite, Streaming Platforms, and Roku TV.
     
    Based in the United States, we connect Africa to the world while empowering creators, journalists, and brands through innovative media and broadcasting services.
    Facebook X (Twitter) Pinterest WhatsApp Instagram

    Our Picks

    United States Warning Reveals a Bigger Travel Risk as Iran Tensions Test the Middle East Flight Network Linking UAE, Qatar, Saudi Arabia and Jordan with Millions of Emirates, Qatar and Etihad Airways Passengers Watching Closely : Today’s Update

    Trump called on FIFA to hold the World Cup again in the USA, but without Canada and Mexico

    ICEDEG Africa Presents Recommendations to Finance Ministry Ahead of Mid

    Most Popular

    I spent 2 nights at a tiny home resort. My 260-square-foot house on wheels felt shockingly spacious.

    Global Health Updates: Tackling New Outbreaks and Drug Developments

    The Withering Away of the State and New, Civilised Dispensations

    © 2026 Copyright. All Rights Reserved by ABSAFRICATV
    • Privacy Policy
    • Terms of Services

    Type above and press Enter to search. Press Esc to cancel.

    We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.