Building National Cyber Warfare Capability in Kenya

Cyber is widely recognized as the 5th domain of warfare, in addition to the traditional Land, Air, Maritime and Space domains. It transcends traditional physical borders, allowing the use of cyberspace as a frontier to launch attacks, disrupt critical infrastructure, and engage in acts of espionage. This has resulted in a shift in warfare, where war is no longer confined to the battlefield but extends to the digital space using ICT systems and networks. There is therefore a need for Kenya to build a national cyber warfare capability to support achievement of its strategic military and political objectives. This policy paper recommends the set-up of a national cyber capacity in the country, investment in cyber tools and technologies, strengthening of research, development and innovation, development of cyber warfare capabilities, alignment of cyber policies, laws and regulations, enhancement of private-public partnership and building of international cooperation and collaboration. It is envisaged that the adoption of these policy recommendations will transform the country into a global superpower as far as its cyber warfare capabilities are concerned.

Introduction

Kenya attained her independence in 1963 and has since made tremendous progress in all spheres, especially in the areas of ICT, mobile technology, internet connectivity, digital services and use of emerging technologies. While this progress has propelled the country to greater heights of socio-economic development, it has exposed the country to emerging and non-traditional threats emanating from cyberspace, with limited national capability to deter them. Article 241 of the Constitution of Kenya, 2010, provides for the establishment of the military, while Legal Notice No. 22 of 2017 establishes the National Space Agency that coordinates, regulates and promotes space activities in Kenya. This defines and completes the traditional warfare domains of land, air, maritime and space (GoK, 2017). However, cyberspace, recognized globally as the 5th domain of warfare, remains without a corresponding security entity to manage it.

The current National Computer and Cybercrimes Coordination Committee (NC4), established under the Computer Misuse and Cybercrimes Act (CMCA), 2018, is not a body corporate and its mandate is limited to national coordination. It relies on the various committee entities to discharge its mandate and is disadvantaged by a lack of synergy, overlapping mandates, internal conflicts, a scramble for resources and power plays.

In a world that is increasingly reliant on digital infrastructure, the theatre of war has expanded to include the elusive, volatile and fluid realm of cyberspace. No longer confined to traditional battlefields, state and non-state actors have turned to the internet as a powerful tool for espionage, sabotage, and covert warfare. In this new landscape of conflict and silent wars, victory and defeat are concealed behind firewalls and encrypted communications, leaving the public largely unaware of the complex dynamics shaping global affairs and strategic direction.

Cyber warfare transcends the traditional physical boundaries between states, with the capacity to outsmart well-known and tested military doctrines and fighting tactics. In an era dominated by technology, the use of cyberspace to launch attacks, disrupt critical infrastructure, and engage in acts of espionage has become an increasingly common phenomenon (Tariq, 2021; Soldatov & Borogan, 2022). Cyber warfare is undertaken with the intent to cause harm, disrupt systems, or gain unauthorized access to information (Obi & Oludare, 2022). These attacks are often conducted by both state and non-state actors and, unlike conventional warfare, cyber warfare is characterized by its covert nature and the potential to cause significant damage without the use of traditional physical force (Fortinet, 2022). Indeed, cyber warfare represents the future of modern war (Gustavo et al., 2022; Jovanovski et al., 2020), and Kenya must begin to build capabilities to successfully prosecute and win battles in the new cyber domain.

In this warfare, technology is the primary tool and war equipment, and the outcomes of these conflicts can have far-reaching consequences for national security, economies, and the daily lives of citizens (Fortinet, 2022). Major military powers around the world have heavily invested in technologies that seamlessly link their military arsenal to digital networks, satellites, fighter jets and missile defence systems, while other hardware relies on the efficiency of the internet and the connectivity of the cyberspace domain (Mosimininuoluwa, 2023).

This policy paper therefore focuses on how Kenya can build an effective cyber warfare capability to defend her people and national interests in the face of growing threats emanating from cyberspace.

Driving Factors

The motivation for states to build capabilities for cyber warfare is driven by various factors, key among them being the surge in digital transformation where states have increasingly embraced digital technologies for efficiency, convenience, and competitiveness. This digital transformation is not only an incentive to pursue cyber warfare capabilities but also makes them more susceptible to cyberattacks from other states.

There are also increased critical infrastructure vulnerabilities, with apparent system weaknesses that can be exploited remotely for military advantage or economic gains. This is made worse by the integration of digital systems into critical infrastructure, such as power grids, transportation networks, and financial systems, thus transferring these vulnerabilities to this critical infrastructure.

Lastly, there has been expanded global connectivity, with the internet’s global reach allowing state and non-state actors to target other states and victims across borders. This makes it a worldwide issue that requires states to build capabilities as well as pursue international cooperation with other states in order to have an effective joint and multinational response and defence (Putra, 2022; Reith, 2021).

Cyber Warfare Threats

It is important to distinguish cybercrime from cyber warfare. According to Dickeson (2021), a cybercrime must involve a crime committed with information technology, while cyber warfare must involve a nation or its agents. Cyber warfare encompasses various types of attacks and threats (Koczka, 2020). Therefore, understanding these is essential to formulating effective policy recommendations and national defences.

First is cyber espionage, where state and state-sponsored entities gather sensitive data and information from governments, corporations, or individuals. The information gathered gives them a competitive advantage. The state and non-state actors who engage in cyber espionage typically want to remain in IT environments, undetected, for long periods of time. This makes the attack dangerous, complicated and expensive to undertake.

Second is cyber sabotage. While espionage seeks to gather information, cyber sabotage aims to deny, disrupt, deceive, degrade and destroy an adversary’s digital infrastructure. For example, the Stuxnet worm, first discovered in 2010, demonstrates how cyber sabotage can have tangible, real-world consequences, as it caused significant damage to uranium enrichment centrifuges in Iran. Other vulnerable infrastructure includes critical information systems, power grids, transportation systems, and healthcare systems and networks.

There is also the danger of information warfare, where state and non-state actors spread misinformation and disinformation to manipulate public opinion and disrupt political stability and social order. The battlespace uses ICT in pursuit of a competitive advantage over an opponent and creates confusion by manipulating communication between the government, public and international community.

The other developing threat is ransomware, which holds a victim’s data or device hostage, threatening to keep it locked or worse unless the victim pays a ransom to the attacker. The attack takes advantage of human, system, network, and software vulnerabilities to infect the victim’s device, which can be a computer, printer, smartphone, wearable, point-of-sale (POS) terminal, or another endpoint. Ransomware infects devices when the victim clicks a link, visits a web page, or installs a file, application, or program that includes malicious code designed to covertly download and install the ransomware.

Cyber Warfare Challenges

Kenya, like most developing countries, continues to lag behind in developing cyber warfare capability. There is a challenge of coordination complexity due to the multifaceted, multistakeholder, multiagency nature of responses and approaches to cyberwar. Bringing together diverse agencies and entities leads to coordination challenges, as each one of them may have distinct priorities, processes, and objectives. This slows down response times and hinders the sharing of information. There are also perennial data sharing impediments that stem from concerns about data security and privacy. Agencies may be hesitant to exchange data due to these concerns, even when it is critical for addressing cyber threats. At the international level, legal and regulatory frameworks can vary among states, making it challenging to harmonize and align activities.

Resources remain one of the main challenges to building cyber warfare capability. Equipment, technologies and hiring people require heavy resource investment. Developing countries like Kenya continue to struggle as they try to keep up with well-funded counterparts.

Recommendations

To build the required cyber warfare capacities, there is a need to enhance the national cyber warfare capabilities within the whole-of-government, multi-agency collaboration framework. Therefore, as a way forward, this policy brief makes the following recommendations:

a. Set-up a national cyber agency

The recognition of cyber as the 5th domain of warfare requires a dedicated national agency with a specific mandate to fight and win wars within cyberspace. This can be achieved by introducing a new cybersecurity entity or restructuring existing ones to create these capabilities. This should then be followed by development of an establishment, equipment table, infrastructure development, recruitment, training, deployment and the procurement of relevant tools and equipment. This will also create a clear institutional and governance structure that defines the roles, responsibilities, and decision-making processes of each entity within the multiagency collaboration. This structure would facilitate efficient coordination and minimize conflicts. As a start, the proposed cyber agency and other security agencies need to be empowered in line with their unique mandates as per the constitution and other relevant laws.

b. Investment in cyber tools and technologies

Cybersecurity analysts use a variety of tools in their jobs, which can be organized into a few categories: network security monitoring, encryption, web vulnerability, penetration testing, antivirus software, network intrusion detection, and packet sniffers. Given the complexity of cyberspace, there are countless cybersecurity software solutions and tools tailored to defend companies and individuals from a wide range of possible threats and attacks. Some tools and technologies offer a holistic security suite with coverage against many security vulnerabilities and threats, while other security solutions focus specifically on areas including network security, endpoint security, threat intelligence, firewall protection, intrusion detection systems, malware protection, vulnerability management, external attack surface management, and much more.

c. Enhance research, development and innovation

Research, development and innovation is an essential driver of economic growth and will allow the country to be one step ahead of the threat actors. The never-ending struggle between the good and the bad requires continuous support from the research community, to enable the good actors to stay ahead of the pack. Effective research, development and innovation will require investment in people, processes, technologies and capabilities that are able to offer controlled virtual environments and tools for creating stable and secure IT systems. This should bring together practitioners, industry, academia, and the public sector with the mission of identifying, prioritizing and initiating activities that will create a favourable research, development and innovation environment in Kenya.

d. Build Cyber warfare capability

This requires investment in cybersecurity training and certification in order to build human capacity in key cyber knowledge domain areas. This will also provide the necessary deterrence against threats and attacks from state and non-state actors. Additionally, the country should invest in training and capacity development programs for security and law enforcement as well as supporting civilian personnel, ensuring that all experts involved in this war, either uniformed or civilian, have the necessary technical skills to effectively combat cyber threats and incidents.

e. Align cyber policies, laws and regulations

There is a need to conduct periodic reviews of the country's legal and regulatory framework against cyber threats. The changing dynamics of cyber war require continuous alignment of these legal instruments to ensure that policies, laws and regulations are up-to-date and flexible enough to address emerging threats and challenges. There is also a need to consider ratification of international conventions such as the Budapest Convention on Cybercrime, the Malabo Convention on Cybercrime and personal data protection, among others, to provide an international framework for collaboration, training, information sharing and mutual legal assistance.

f. Enhance public-private partnership

Cyber warfare requires close partnership to deliver decisive victory. Through public-private partnership, the government will tap into the expertise of the private sector and inform the development of cybersecurity strategies and policies. This partnership also allows the public and private sectors to share resources and information. This further enables leveraging of resources and expertise of both sectors. Collaboration with private industry is vital, as it often owns and operates critical infrastructure. In doing so, both sectors are able to develop more effective strategies and solutions that address cyber threats and attacks.

g. Build international cooperation and collaboration

International collaboration recognizes that cyber warfare and related threats are often transnational. There is therefore a need to engage partners and organizations in sharing of threat intelligence and best practices, to effectively address cross-border cyber threats.

Conclusion

This policy paper has explored the critical need for Kenya to establish a national cyber warfare capability to secure cyberspace, the 5th domain of war, as it pursues the achievement of its strategic objectives and protection of national interests. It has noted that war is no longer confined to the traditional battlefield, but extends to the digital space using ICT systems and networks. The policy paper recommends the setting up of a national cyber agency, investment in cyber tools and technologies, enhancement of research, development and innovation, development of cyber warfare capabilities, alignment of cyber policies, laws and regulations, enhancement of private-public partnership and building of international cooperation and collaboration. It is envisaged that the adoption of these policy recommendations will transform Kenya into a global superpower as far as its cyber warfare capability is concerned.

References

  1. Dickeson, L. (2021). When Does a Cyber Crime Become an Act of Cyber Warfare?
  2. Fortinet. (2022). What Is Cyberwarfare? Retrieved from fortinet.com: https://www.fortinet.com/resources/cyberglossary/cyber-warfare
  3. Government of Kenya (GoK) (2010). The Constitution of Kenya 2010. Nairobi: Government Printer.
  4. Government of Kenya (GoK) (2017). Legal Notice No 22 of 2017. Nairobi: Government Printer.
  5. Gustavo, A., Purim, M., & Duma, B. (2022). Reassessing Russian Cyberwarfare and Information Warfare (2007-2022).
  6. Jovanovski, Z., Iliev, A., & Ilieva Nikolovska, A. (2020). Historical Perspectives and Legal Aspects of Cyber Warfare. Annals of Disaster Risk Sciences, 3(2), 1–10. https://doi.org/10.51381/adrs.v3i2.53
  7. Koczka, F. (2020). Opportunities of Darknet Operations in Cyber Warfare: Examining its Functions and Presence in the University Environment. Academic and Applied Research in Military and Public Management Science, 19(1), 65–81. https://doi.org/10.32565/aarms.2020.1.6
  8. Mosimininuoluwa, A. (2023). Aggression and Self-Défense in Cyberwarfare: The Relevance of International. Traditional Journal of Law and Social Sciences (TJLSS), 02(01), 1–15.
  9. Obi, F. C., & Oludare, A. M. (2022). Taming the Shrew of Rising Cyber-Warfare. OALib, 09(12), 1–12. https://doi.org/10.4236/oalib.1109003
  10. Putra, L. B. S. (2022). Formation of Cyber Forces for Encounter Modern Warfare and Cyber Warfare. International Journal of Research and Innovation in Social Science, 06(08), 149–152. https://doi.org/10.47772/ijriss.2022.6806
  11. Reith, G. N. (2021). Cyber Warfare Evolution and Role in Modern Conflict. Retrieved from https://www.jstor.org/stable/27125011
  12. Soldatov, A., & Borogan, I. (2022). Russian Cyberwarfare: Unpacking the Kremlin’s Capabilities. Centre for European Policy Analysis (CEPA), 1–36. Retrieved from https://cepa.org/russian-cyberwarfare-unpacking-the-kremlins-capabilities/
  13. Tariq, K. D. (2021). Defining Cyber Warfare. ISSRA Papers, 13, 15–26. https://doi.org/10.54690/issrap.v13ixiii.102