The Nairobi Metropolitan Services (NMS) has suspended development plan approvals after a group of hackers gained access into its building approval system.
According to a report published by The Business Daily, the Hackers managed to access the NMS system’s Quick Response (QR) code and effected numerous illegal approvals.
The online QR code system is a unique identification method of all approved architectural and structural plans.
NMS restored this system in September last year making it easier for property developers in Nairobi County to have their development plans approved online. This meant there was no need for stamping the plans. It also meant that applicants will no longer have to physically present the plans to the NMS offices.
Confirming the breach to Business Daily, NMS Deputy Director-General Kangethe Thuku said “We discovered that the e-construction system was recently hacked into and we have stopped using that system for the time being as we look for a solution,”
BD reports that the breach was unearthed following concerns raised by the Kenya Alliance of Residents Association (Kara) about rising cases of constructions of buildings in zoned-off areas in the county.
This is not the first time hackers are gaining access to government websites. In 2019, a cyber-attack also brought down National Development Implementation and Technical Communication (NDICT) and ICT Authority-run Integrated Financial Management Information Systems (IFMIS) are both down following a cyber-attack.
The Ministry of Foreign affairs sever has also previously been hacked by hackers affiliated to Anonymous. The hackers claimed to have stolen 1TB of data. Last year, hackers also gained access to the Kenya Agricultural Research Institute (KARI) has a website.
Local businesses have also been victims of cyber attacks. In 2018, the National Bank of Kenya lost about Ksh.29 million to hackers. Last year, a new report suggested that data of various Mount Kenya University students – both past and present – was being shared online in hacker forums. The data consisted of names, general addresses, and phone numbers.