News | 2017-03-09

Some of the suspects arrested for transnational crimes including drug trafficking and cybercrime in Nairobi. PHOTO | JEFF ANGOTE | NATION MEDIA GROUP

Kenya Revenue Authority (KRA), several blue-chip banks, a parastatal and a supermarket chain are some of the institutions penetrated by an international cybercrime syndicate that made off with hundreds of millions of shillings before they were all seized on Monday and Tuesday.

Working with insiders and relatives of “prominent politicians”, the crooks had formed an international band that installed malware in the systems, which allowed them to take control of the institutions’ computers and steal what police sources said would run into hundreds of millions. (Malware is software that disables the systems to enable hacking and transfer of money without detection.)

On Monday night, Kenyan detectives from the Special Crime Prevention Unit, SCPU, and the Flying Squad smashed the syndicate and arrested a former police officer, a Kenya Revenue Authority employee and two American citizens who are now among 16 suspects in police custody for transnational crimes — that include cybercrime and drug trafficking.

On Wednesday evening, KRA confirmed that its staff members had been part of the syndicate and were under arrest. Commissioner General John Njiraini said KRA “played a key role in unearthing the crime … whose outcome has been the arrest of several suspects among them KRA staff in the ICT department”.

The cybercrime syndicate was operating in the Kenyan capital's city centre, in Muthaiga and Roysambu, suburbs of Nairobi, and in Thika, an industrial town 42km northeast of the capital, and had been robbing banks using salami attacks and electronic transfers as well as trafficking drugs.

They have also been colluding with motor vehicle importers to evade tax and were illegally registering the vehicles. During the crackdown, police recovered several vehicle number plates from one of the houses.

Damage unknown

(In a salami attack, a cyber crook steals small undetectable amounts and deposits them in one account before launching a major attack.)

Security reports, seen by Nation, also indicate that the group were “conspiring to manipulate the IEBC (Independent Electoral and Boundaries Commission) system during the elections” and had been working with relatives of senior politicians, which gives the syndicate some political angle too.

How much damage they have left in their wake is unknown, but police say the leader of the cyberheist gang is 35-year-old Calvin Otieno Ogalo, a former police officer and bank employee, who on Saturdays turns into a devout SDA patriot and choir member but worked as a bank hacker every other day between 3pm and midnight.

One of the suspects arrested during the raid. PHOTO | NATION MEDIA GROUP

The Cybercrime Investigation Unit estimates that Kenya lost more than $170 million to hackers in 2016, with theft of credit or debit card data and financial scams, bank salami attacks and hacking of the mobile banking systems being the greatest targets. Also, the Global Threat Index last year placed Kenya at position 69 out of the 127 countries that are vulnerable to cybercrime.

At the KRA offices in Nairobi, detectives discovered a laptop hidden within the network chambers “and connected through port 11” which allowed Mr Ogalo to have unfettered access to the system.