[kictanet] Government Websites Hacked :- What next?
Barrack Otieno
otieno.barrack at gmail.com
Thu Jan 19 07:40:05 EAT 2012
Dear Roy et al,
I am miffed at all the hullabaloo caused by the hacking of the 100
websites. Late last year CCK hosted a workshop at the Nairobi Safari club
which was widely publicised that brought together stakeholders to discuss
this issues in fact the immediate former Chair of ISACA Kenya Chapter made
a very elaborate presentation. In the first place the workshop was not a
news item despite the efforts made by the organisers to bring in Cyber
Security experts from George Mason University and the creme de la creme in
the local Cyber Security community. To me this is a non issue because we
are aware but somebody somewhere is aware of what needs to be done and
should be held accountable, if you don't lock the door to your house at
night and thieves come in , do you blame the police? We must shun
mediocrity.
Best Regards
On Wed, Jan 18, 2012 at 12:17 PM, Walubengo J <jwalu at yahoo.com> wrote:
> --- On *Wed, 1/18/12, Walubengo J <jwalu at yahoo.com>* wrote:
>
>
> From: Walubengo J <jwalu at yahoo.com>
> Subject: [kictanet] Government Websites Hacked :- What next?
> To: jwalu at yahoo.com
> Cc: "kictanet at lists.kictanet.or.ke" <kictanet at lists.kictanet.or.ke>
> Date: Wednesday, January 18, 2012, 12:07 PM
>
>
>
> *Government Websites Hacked :- What next?*
>
>
> It has been all over the social network. Most government websites hosted
> on the .*go.ke* domain were hacked by some Indonesian cyber-security
> student. Apparently after several hours of teaching, the lecturer
> encouraged the students to test their skills on selected government sites
> and what better target than Kenya? After all Kenya is reputed to be the hub
> for ICT technologies in East and Central Africa. Better still, with the
> recently implemented multiple undersea fiber cables, Kenya present high
> quality internet speeds that are necessary for launching sophisticated
> attacks from within and the outside world.
>
>
> With that hindsight or profiling, the hacker must have made a good
> choice of a target - a target that has its technological development way
> ahead of its cyber security advancement. Within hours over one hundreds of
> governments sites including the not so lucky http://www.treasury.go.ke/,
> http//www.lands.go.ke and www.roads.go.ke just to select a few. By the
> time of going to press, twelve long hours after the attack, most of these
> sites continue to be down.
>
>
> Think about it, if Vision 2030 is to be believed, most Kenyans will be
> engaging governments e-services through these sites. Think of what would
> happen if this type of attack is repeated 5years from today. Ever seen the
> hue and cry when MPESA is down for 10minutes? Think of that and then think
> disaster when Ministry of Lands, Roads (electric trains?) and Treasury get
> shut down in future - by a local university student doing her security
> practicals on government sites.
>
>
> The Social network is abuzz with chants of whom to blame. Is it
> eGovernment Directorate, is it the Converged Regulator who runs the
> National CSIRT (Cyber Security Incidence Response Team) or should it be the
> security agent, NSIS - with its mega-billion funds to invest in security?
> For ISACA-Kenya, we think it is a wakeup call for everyone, to realize that
> Cyber Security is not a one-man or woman show. Just like the ongoing
> "Linda-Nchi" initiative in Somali where we are all affected - each and
> everyone must contribute to the overall safety of the other. Security is
> indeed not entirely the Chief of General Staff's problem, but rather a
> collective problem requiring a collective approach.
>
>
>
>
> So in conclusion, a safer digital environment is going to take a lot
> more and deliberate exercise to involve and educate each stakeholder. Most
> notably ofcourse the Telecommunication Operators, Hosting and Content
> Managers, Regulators, Law Enforcement, Judiciary, the ICT professionals and
> Users. The cyber-security of our country is going to be as good as the
> weakest link in these and possibly a wider group of stakeholders. This is a
> wakeup call for a concerted and holistic look at how such an National
> Cyber-Security program could be achieved.
>
>
> Signed
>
> Roy Akalah
>
> *President*
>
> *ISACA-Kenya Chapter*
>
>
> -----Inline Attachment Follows-----
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke<http://mc/[email protected]>
> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
> Unsubscribe or change your options at
> http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
> for people and institutions interested and involved in ICT policy and
> regulation. The network aims to act as a catalyst for reform in the ICT
> sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people's times and bandwidth,
> share knowledge, don't flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>
>
> _______________________________________________
> ke-internetusers mailing list
> ke-internetusers at bdix.net
> http://www.bdix.net/mailman/listinfo/ke-internetusers
>
>
--
Barrack O. Otieno
+254721325277
+254-20-2498789
Skype: barrack.otieno
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20120119/23768895/attachment.htm>
More information about the KICTANet
mailing list