[kictanet] Government website Hacking incident a crying shame
Walubengo J
jwalu at yahoo.com
Tue Jan 17 18:48:03 EAT 2012
True that Dr. Siganga,
we probably need the broad principles and practices of www.isaca.org after all.
walu.
--- On Tue, 1/17/12, waudo siganga <emailsignet at mailcan.com> wrote:
From: waudo siganga <emailsignet at mailcan.com>
Subject: Re: [kictanet] Government website Hacking incident a crying shame
To: jwalu at yahoo.com
Cc: "KICTAnet ICT Policy Discussions" <kictanet at lists.kictanet.or.ke>
Date: Tuesday, January 17, 2012, 6:42 PM
Thanks for the news Brian. This is a big shame for all Kenyans that our Government sites can be hacked by a simpleton. It is important to establish who in the maze of ICT Governance in the Government is responsible for Government sites and what coordination there is between different agencies and ministries. Are there appropriate ICT Policies in place covering areas such as Hosting Policy, Server Back-up Policy, etc? Is there regular ICT Audit of Government systems and methods to ensure that they conform to recognised standards and are acceptably safe and secure? Some learning should come out of this incident.
On Tue, Jan 17, 2012, at 04:09 PM, Brian Munyao Longwe wrote:
The fact that a student on a hacking/computer security course could hack into and deface more than 100 Government of Kenya websites in one night(!) is a crying shame. In addition to that, the fact that it seems all or most of these sites were hosted on a single server is a travesty of best practice.
Is it so difficult for GoK to invite (readily available) information security experts to design and implement a suitable online information framework for public government websites?
Shaking my head,
Brian
--
Brian Munyao Longwe
e-mail: blongwe at gmail.com
cell: +254715964281
blog : http://zinjlog.blogspot.com
meta-blog: http://mashilingi.blogspot.com
_______________________________________________
kictanet mailing list
kictanet at lists.kictanet.or.ke
http://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/emailsignet%40mailcan.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-----Inline Attachment Follows-----
_______________________________________________
kictanet mailing list
kictanet at lists.kictanet.or.ke
http://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20120117/3b0ec5e1/attachment.htm>
More information about the KICTANet
mailing list