[kictanet] Stung by cyber attacks, State resolves to host websites locally

Mouz mouzmuyer at gmail.com
Fri Jul 25 15:41:08 EAT 2014 

The ICT principal secretary,the National Intelligence Service, Kenya
Defence Forces, CID, CAK director-general and ICT Authority chief executive
think state websites can be made secure simply by moving them to Kenya! We
should be very worried! God-forbid that these hackers should get ideas of
hacking other government systems that are more crucial to us, we will be
annihilated!


On 25 July 2014 14:32, Brian Munyao Longwe via kictanet <
kictanet at lists.kictanet.or.ke> wrote:

> Good step by Government.
>
> First advantage, no foreign government can gain access to our government's
> content though legal (or illegal) intercept.
>
> There will be growing pains as these are preliminary baby steps - but it
> is a move in the right direction IMHO
>
> Mblayo
>
>
> On Fri, Jul 25, 2014 at 11:25 AM, Adam Nelson via kictanet <
> kictanet at lists.kictanet.or.ke> wrote:
>
>> It looks like the sites will be hosted by CAK internally.  Of course,
>> that's a recipe for monoculture and some serious problems around stagnation
>> of eGovernment products.  Smarter would be:
>>
>> 1. Have compulsory training on basic security for all government
>> employees who work in an office.
>> 2. Get all government employees on a modern OS (OS X Mavericks, Windows
>> 8, Ubuntu 14.04, Android 4.4, iOS 7, etc..).  Any hardware than can't
>> support these OSes should be auctioned off.
>> 3. Turn on two-factor authentication wherever possible
>> 4. Aside from totally sensitive information (CBK, MoD, office of
>> President), put everything on a local public cloud like Kili (
>> http://kili.io).
>> 5. Use vendors to do application implementations that are NOT the hosts
>> of the application (i.e. Seven Seas should implement but not be the host
>> and Kili should host but not write the application - this prevents lock-in
>> and staleness which leads to security holes).
>> 6. For deeply sensitive stuff, deploy private clouds that are not
>> connected to the Internet.  Some vendors locally can do this (including
>> Kili of course).
>>
>> -Adam
>>
>> --
>> Kili - Cloud for Africa: kili.io
>> Musings: twitter.com/varud <https://twitter.com/varud>
>> More Musings: varud.com
>> About Adam: www.linkedin.com/in/adamcnelson
>>
>>
>> On Fri, Jul 25, 2014 at 11:05 AM, Mwendwa Kivuva via kictanet <
>> kictanet at lists.kictanet.or.ke> wrote:
>>
>>> All State-owned websites will be hosted locally in order to curb rising
>>> cases of cyber security attacks.
>>>
>>> This was a key resolution at a crisis meeting held on Thursday between
>>> top security officials and the Ministry of ICT.
>>>
>>> Held at Communication Authority of Kenya (CAK), the meeting was called
>>> to discuss the safety preparedness of the government to handle cyber
>>> attacks.
>>>
>>> It comes just days after hacking of the Kenya Defence Forces’ social
>>> media accounts including the official email account of the military
>>> spokesperson Emmanuel Chirchir.
>>>
>>> In attendance were ICT principal secretary Joseph Tiampati,
>>> representatives of the National Intelligence Service, Kenya Defence Forces,
>>> CID, CAK director-general Francis Wangusi and ICT Authority chief executive.
>>>
>>>
>>> http://www.nation.co.ke/business/Cyber-Security-Attacks-ICT-Ministry/-/996/2396632/-/g6u9p4z/-/index.html
>>>
>>>
>>> ______________________
>>> Mwendwa Kivuva, Nairobi, Kenya
>>> twitter.com/lordmwesh
>>>
>>> "There are some men who lift the age they inhabit, till all men walk on
>>> higher ground in that lifetime." - Maxwell Anderson
>>>
>>> _______________________________________________
>>> kictanet mailing list
>>> kictanet at lists.kictanet.or.ke
>>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>>
>>> Unsubscribe or change your options at
>>> https://lists.kictanet.or.ke/mailman/options/kictanet/adam%40varud.com
>>>
>>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>>> for people and institutions interested and involved in ICT policy and
>>> regulation. The network aims to act as a catalyst for reform in the ICT
>>> sector in support of the national aim of ICT enabled growth and development.
>>>
>>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>>> online that you follow in real life: respect people's times and bandwidth,
>>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>>> not spam, do not market your wares or qualifications.
>>>
>>
>>
>> _______________________________________________
>> kictanet mailing list
>> kictanet at lists.kictanet.or.ke
>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>
>> Unsubscribe or change your options at
>> https://lists.kictanet.or.ke/mailman/options/kictanet/blongwe%40gmail.com
>>
>>
>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>> for people and institutions interested and involved in ICT policy and
>> regulation. The network aims to act as a catalyst for reform in the ICT
>> sector in support of the national aim of ICT enabled growth and development.
>>
>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>> online that you follow in real life: respect people's times and bandwidth,
>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>> not spam, do not market your wares or qualifications.
>>
>
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
> Unsubscribe or change your options at
> https://lists.kictanet.or.ke/mailman/options/kictanet/mouzmuyer%40gmail.com
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
> for people and institutions interested and involved in ICT policy and
> regulation. The network aims to act as a catalyst for reform in the ICT
> sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people's times and bandwidth,
> share knowledge, don't flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>



-- 
./mouz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20140725/98089444/attachment.htm>

More information about the KICTANet mailing list