[kictanet] Stung by cyber attacks, State resolves to host websites locally

Fri Jul 25 12:17:37 EAT 2014

The important thing is to be using multiple hosting providers and different
levels of protection.

And of course, Twitter cannot be moved to Kenya :-)

You're right that an in-country host is no more secure than one anywhere
else from a cyberattack point of view.  However, from a regulatory point of
view it's much different.  Right now the EU can compel Kenyan groups to
hand over data because the data resides there.  That's not an issue with a
local host like Kili.  Anyway, local hosts are way faster - that's the most
important thing.  Having the data local (i.e. Kili) literally makes it 40%
faster.

Also, for the CloudFlare attack, because there are only 3 routes into the
country, a big DDOS from outside probably wouldn't be as intense as it
could be to a host in the EU or US.  The important thing is that media,
government, and enterprises aren't in a position to host on the Internet -
they need modern cloud providers like Amazon or Rackspace to help them - or
if they're in Kenya, take advantage of a better service for the same price
- Kili.

-Adam

--
Kili - Cloud for Africa: kili.io
Musings: twitter.com/varud <https://twitter.com/varud>
More Musings: varud.com
About Adam: www.linkedin.com/in/adamcnelson

On Fri, Jul 25, 2014 at 11:59 AM, Mwendwa Kivuva via kictanet <
kictanet at lists.kictanet.or.ke> wrote:

> They might also host all twitter and FB accounts locally. :)
>
> On a more serious note, CAK is the regulator. Is it the right partner to
> host government content? When we say we want to separate the regulator from
> control of government, is it something we can achieve? Probably ICTA would
> have been a more preferred host.
>
> Regards
>
> ______________________
> Mwendwa Kivuva, Nairobi, Kenya
> twitter.com/lordmwesh
>
> "There are some men who lift the age they inhabit, till all men walk on
> higher ground in that lifetime." - Maxwell Anderson
>
>
> On 25 July 2014 04:31, Ngigi Waithaka <ngigi at at.co.ke> wrote:
>
>> Central Management of GoK;s website hosting is a step in the right
>> direction as the skills needed to protect government infrastructure can
>> also be centralized. However, it also gives you a single point of failure
>> where if anyone gets in, then the whole government could be compromised.
>>
>> On the other hand, is there any advantage to be had from a security PoV
>> from hosting websites in Kenya? Is there say a Data Center in .KE that can
>> withstand a well co-ordinated DDOS Attack on its infrastructure?
>>
>> Not one.
>>
>> As an example, this (
>> http://www.itnews.com.au/News/372033,worlds-largest-ddos-strikes.aspx )
>> DDOS attack on CloudFare sometime back was generating around 400GPS of
>> Traffic. If this was to be directed to our one data center, then KRA, CBK,
>> Immigration, County Revenue sites etc would all be down.
>>
>> So as we put all our  'eggs' in one basket we better watch that basket
>> really really carefully.
>>
>> Regards
>>
>>
>> On Fri, Jul 25, 2014 at 11:05 AM, Mwendwa Kivuva via kictanet <
>> kictanet at lists.kictanet.or.ke> wrote:
>>
>>> All State-owned websites will be hosted locally in order to curb rising
>>> cases of cyber security attacks.
>>>
>>> This was a key resolution at a crisis meeting held on Thursday between
>>> top security officials and the Ministry of ICT.
>>>
>>> Held at Communication Authority of Kenya (CAK), the meeting was called
>>> to discuss the safety preparedness of the government to handle cyber
>>> attacks.
>>>
>>> It comes just days after hacking of the Kenya Defence Forces’ social
>>> media accounts including the official email account of the military
>>> spokesperson Emmanuel Chirchir.
>>>
>>> In attendance were ICT principal secretary Joseph Tiampati,
>>> representatives of the National Intelligence Service, Kenya Defence Forces,
>>> CID, CAK director-general Francis Wangusi and ICT Authority chief executive.
>>>
>>>
>>> http://www.nation.co.ke/business/Cyber-Security-Attacks-ICT-Ministry/-/996/2396632/-/g6u9p4z/-/index.html
>>>
>>>
>>> ______________________
>>> Mwendwa Kivuva, Nairobi, Kenya
>>> twitter.com/lordmwesh
>>>
>>> "There are some men who lift the age they inhabit, till all men walk on
>>> higher ground in that lifetime." - Maxwell Anderson
>>>
>>> _______________________________________________
>>> kictanet mailing list
>>> kictanet at lists.kictanet.or.ke
>>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>>
>>> Unsubscribe or change your options at
>>> https://lists.kictanet.or.ke/mailman/options/kictanet/ngigi%40at.co.ke
>>>
>>>
>>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>>> for people and institutions interested and involved in ICT policy and
>>> regulation. The network aims to act as a catalyst for reform in the ICT
>>> sector in support of the national aim of ICT enabled growth and development.
>>>
>>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>>> online that you follow in real life: respect people's times and bandwidth,
>>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>>> not spam, do not market your wares or qualifications.
>>>
>>
>>
>>
>> --
>> *Regards,*
>>
>> *Wait**haka Ngigi*
>> Chief Executive Officer | Alliance Technologies | MCK Nairobi Synod
>> Building
>> T + 254 (0) 20 2333 471 |Office Mobile: +254 786 28 28 28 | M + 254 737
>> 811 000
>> www.at.co.ke
>>
>>
>>
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
> Unsubscribe or change your options at
> https://lists.kictanet.or.ke/mailman/options/kictanet/adam%40varud.com
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
> for people and institutions interested and involved in ICT policy and
> regulation. The network aims to act as a catalyst for reform in the ICT
> sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people's times and bandwidth,
> share knowledge, don't flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20140725/b8688697/attachment.htm>