Kenyan gov't websites back online after hackers deface pages with white supremacist messages

The government of Kenya suffered a cyberattack on Monday morning that defaced multiple ministry pages with racist messages for several hours. 

The hackers behind the attack replaced ministry websites with white supremacist messages like “We will rise again,” “White power worldwide” and “14:88 Heil Hitler.”

The websites for the ministries of interior, health, education, energy, labour and water were taken over by the hackers alongside several other government-affiliated platforms. 

Kenya's Interior Ministry published a notice confirming the incident and saying several government websites were rendered temporarily inaccessible due to the attack. 

“Preliminary investigations indicate that the attack is suspected to have been carried out by a group identifying itself as 'PCP@Kenya'. Following the incident, we immediately activated our incident response and recovery procedures, working closely with relevant stakeholders to mitigate the impact and restore access to the affected platforms,” the government explained. 

“The situation has since been contained, and the systems are under continuous monitoring.”

The Interior Ministry urged citizens to contact the country’s incident response team (National KE-CIRT) if they have any information about the cyberattack. 

The incident took place one day after Somalia, which shares a border with Kenya, reported a cyberattack on its Immigration and Citizenship Agency. 

The government said it detected a breach of data belonging to people who had traveled to Somalia through e-Visas. The agency is now investigating the incident and is trying to determine how many people were impacted.  

The U.S. Embassy in Somalia said the notice relates to allegations that emerged on November 11, when hackers claimed to have penetrated the country’s e-visa system and potentially exposed “the personal data of at least 35,000 people, including possibly thousands of U.S. citizens.” 

“Leaked data from the breach included visa applicants’ names, photos, dates and places of birth, email addresses, marital status, and home addresses,” the embassy said. “While Embassy Mogadishu is unable to confirm whether an individual’s data is part of the breach, individuals who have applied for a Somali e-visa may be affected.”

No hacking group has taken credit for either incident as of Monday afternoon.