[kictanet] Online Security in Kenya needs to be mainstreamed

Brian Munyao Longwe blongwe at gmail.com
Sat Feb 11 21:28:59 EAT 2012 

Hey Michuki,

Nice to see a thoughtful response. I will be commenting in greater detail
soon, but just for the meantime here's some more food for thought.

A group calling themselves "Rwandan-Hackers" compromised the Standard Media
website yesterday and published online a list of KTN Live members which
included username, encrypted password and email addresses, a snippet
follows:


   1.                                  HACKED BY RWANDAN HACKED
   2.
   3.
   http://rwandan-hackers.blogspot.com/
   4.
   5. Target:http://www.standardmedia.co.ke/
   6. Date:09/02/2012 18:27:43
   7. DB Detection:MySQL (Auto Detected)
   8. Method:GET
   9. Type:Integer (Auto Detected)
   10. Data Base:eastand_xp
   11. Table:ktnlive_members
   12. Total Rows:831
   13.
   14. username        password        email
   15. 007finanz       d3ce7658a5c2c9f66790ed0f5d4970ad
   007finanz at gmail.com
   16. 05mark  77a6bc8aedf55b28f38794e2d5b0d3a1        muniukm at yahoo.com


The complete list with close to a thousand names is at:
http://pastebin.com/QCtP3AxH
Best regards,

Brian

On Sat, Feb 11, 2012 at 9:04 PM, Michuki Mwangi <michuki at swiftkenya.com>wrote:

> Hi Brian, et al,
>
>
> On 2/11/12 12:03 PM, Brian Munyao Longwe wrote:
> > Today's(last night's) hacking of the Toyota Kenya website as evidenced
> > by Moses Kemibaro's screenshot - http://t.co/w7RDDjfP - should serve as
> > a wake up call to CxOs and any organization that has a web presence or
> > online resources.
> >
>
> While i agree with you. I would like to subject this to discussion.
>
> 1. There no business critical information sufficient to warrant the
> investment into securing the website. In reality, its not like they
> broke into the new toyota show room on Waiyaki way and got away with the
> any car(s).
>
> 2. I would bet that the folks at Toyota don't know what percentage of
> their monthly sales are courtesy of their website.
>
> 3. The website is hosted at http://www.softlayer.com/ so this means its
> an outsourced solution. In this case who is complacent a. the hosting
> company (they provide the infrastructure/service or b. the
> developer/website designer. The reason being I do not believe that its
> in toyota's core business to be concerned about their website security.
> Unless someone makes them see the business sense of it.
>
> > Especially as it comes hardly 2 weeks after the shameful hacking of over
> > 103 government websites by an amateur Indonesian techie. In this
> > particular case it turns out that all 103 sites were hosted on the same
> > physical server - a malpractice, as far as web-hosting and system
> > administration goes.
>
> Am not 100% in agreement here.
>
> 1. It not uncommon to have 103 low traffic websites on a single server
> going by the computing resources available today. After all its what the
> world of Virtualization and virtual Web hosting is all about.
>
> IMHO am pretty pleased by fact that;
>
> 1. We have 103 Government websites - so we are making baby steps.
>
> 2. It also means that we have a resourceful sysadmin who understands
> virtual web-hosting and is capable of hosting 103 website on one IP
> address (that we didn't know until this incident).
>
> > It is clear that the increase in online threats and
> > cyber-security issues has a lot to do with Kenya's improved connectivity
> > to the global Internet - with 3 submarine fiber optic cables opening the
> > country and sub-region to cyber-criminals and pranksters alike.
> >
>
> +1
>
> However, its important that we note that the websites in discussion were
> hosted in two different places i.e US and Kenya.
>
> IMHO to mainstream security the websites will have to mean more than
> just online or web presence. For Govt websites for instance if the KRA
> website was hacked - we can indeed expect delays in customs clearance of
> goods, loss of revenue collection, etc. Currently it is a matter of
> public image. Therefore considering our brevity of mind, it will soon be
> back to business as usual.
>
> Similarly, for many local companies, websites are like a company
> brochure + directory service (no pun intended). If you think am out of
> my mind compare www.toyotaea.com (the hacked site) and toyota.com.
> Clearly one is a brochure and the other is a salesperson. I almost
> obvious that if the www.toyota.com website had a 4 hour outage, it would
> affect their sales target for the week. Because they would be one
> salesperson less.
>
> Taking into consideration that most of these companies have a PR agency
> that will issue a very reassuring statement after such an incident for a
> standard retainer.
>
> In summary, considering that our websites are non-critical to the
> organization/business operations and continuity. Why should we be
> investing so much or to phrase it as Brian did why should CxO's care?.
>
> Convince me!
>
> Mich.
>
>
>
>
>
>
>
>
>
>
>
>


-- 
Brian Munyao Longwe
e-mail: blongwe at gmail.com
cell:  +254715964281
blog : http://zinjlog.blogspot.com
meta-blog: http://mashilingi.blogspot.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20120211/42bb5e3f/attachment.htm>

More information about the KICTANet mailing list