Why Telegram remains a headache in fight against cybercriminals

In Kenya, Telegram sustains a considerable share of popularity, ranking among the top 10 most used social platforms at 1.8 percent popularity as of December last year

Photo credit: File | AFP

By  Kabui Mwangi

Correspondent

Nation Media Group

As the tech scene continues to grapple with rising complexities and volumes in threat activities, the Telegram messaging platform has claimed its slot as a favourite hub and stage for brewing attacks, aided chiefly by the app’s anonymity features and lenient moderation.

Numerous sector reports have flagged the platform as a rising fertile ground for threat actors, with its entrenched popularity presenting a significant challenge for security researchers attempting to arrest the trend.

In Kenya, the Telegram app has in recent times presented a unique headache, especially with respect to the administration of national school examinations, with reports of the platform massively facilitating cheating.

Related

In November last year, for instance, authorities in Nairobi ordered the suspension of the platform during specific hours at the height of the administration of the Kenya Certificate of Secondary Examination (KCSE).

But why is surveillance capacity on the app so obscure? A fresh analysis of the global threat landscape commissioned by cybersecurity solutions firm Radware indicates that despite heightened scrutiny in recent months, Telegram remains a key resource for use, especially by hacktivists.

“In 2024, Telegram acted as a primary coordination and communication hub for hacktivist groups, largely due to its anonymity features and lenient moderation,” notes the report.

“Following the arrest of its founder and CEO, Pavel Durov, in August 2024, Telegram increased its cooperation with law enforcement and stepped up moderation efforts, as evidenced by a surge in data-sharing with authorities.”

Read: Kenya lost Sh4.2bn to Telegram shutdown in 2023

Radware says that Telegram’s bot automation and cryptocurrency services have encouraged the rise of Distributed Denial of Service (DDoS)-as-a-service offerings, letting individuals hire attacks through the platform’s bots that handle real-time commands, scheduling, and payments.

This, the report says, creates an ecosystem that has made it alarmingly easy for users with minimal technical skills to launch or commission attacks, further cementing the app’s role in the cybercriminal landscape.

Other irregular activities powered by the platform include the leakage and sale of stolen personal and corporate data, distribution of hacking tutorials as well as organisation of cybercrime gangs.

“One reason why Telegram is attractive to cybercriminals is its alleged built-in encryption and the ability to create channels and large, private groups. These features make it difficult for law enforcement and security researchers to monitor and track criminal activity on the platform,” writes an Israeli-based cyber threat intelligence firm KELA in a study.

“In addition, cybercriminals often use coded language and alternative spellings to communicate on Telegram, making it more challenging to decipher their conversations.”

The firm also singles out the anonymity nature of the platform, noting that allowing users to register accounts without disclosing personal information makes it simple for people to set up many identities and use them to converse without revealing one’s genuine identity.

Users, KELA observes, can sign up on the app with virtual numbers or foreign phone contacts that are unrelated to their true identities, adding that people can also register for the service via a one-time SMS service, with the one-time password code given to the one-time SMS service rather than their private phone.

“Because of this anonymity, law enforcement organisations have a tough time tracking down and identifying individuals who are using the program for illicit activities,” notes the study.

In Kenya, Telegram sustains a considerable share of popularity, ranking among the top 10 most used social platforms at 1.8 percent popularity as of December last year according to the latest disclosures from the Communications Authority of Kenya (CA).

London-based internet rights organisation NetBlocks estimated that the country lost $27.02 million (Sh3.5 billion at current conversion rates) due to yet another KCSE-linked Telegram downtime witnessed in 2023.

Read:  Rise of Internet censorship in Kenya and its effects on economic growth

The organisation’s calculations showed that the eight-day shutdown significantly impacted enterprise activities in the country, with businesses estimated to have lost Sh537 million in foregone sales and other economic benefits that trickle down from the use of the app in Kenya.

NetBlocks calculates the economic cost of social media shutdowns from World Bank and International Telecommunications Union (ITU) indicators, which estimate, in monetary terms, the economic benefits generated in a country from uninterrupted internet and social media use.

[email protected]

PAYE Tax Calculator

Note: The results are not exact but very close to the actual.

Get it First!

Stay up to date on the editors' picks of the week.

Latest

  1. PRIME Ketraco power dispatch hub project starts in May

  2. BDAgreement

    Tap the potential of budding arbitrators

  3. PRIME Why Equity, KCB must sell 30pc DR Congo stakes

  4. PRIME Judge backs factory for rejecting farmer’s doubtfully high tea supplies

In the headlines

View All