[kictanet] Ring of bank hackers busted - Daily Nation

Stuart Houston shouston at vimak.co.ke
Thu Mar 9 19:08:25 EAT 2017


Thanks Ali for sharing. Interesting, if not all too common story globally.

"A chain is only as strong as its weakest link" comes to mind. The weakest
link being the human element in this case but could also be applicable to
scale with lack of ratifying and enforcing regulation & agreements
nationally and internationally; of which difficulties Gichuki has already
mentioned. From my experience securing systems is the stronger (or at least
easier to implement) part of the chain.

Can regulations particularly for government institutions and large
financials be tightened up? For example, would not a mandatory, regular
security audit by a reputable external firm be able to deter, if not bring
to light such hacking sprees?

Regards
Stuart Houston
IT consultant and project manager
Vimak

Studio House, 5th Floor, Marcus Garvey Rd off Argwings Kodhek Rd

+254 711 231726 | +254 731 993931 | info at vimak.co.ke

This e-mail and any attachments are confidential. They may contain
privileged information and are intended for the named addressee(s) only.
Unless expressly stated, opinions in this e-mail are those of the
individual sender and not of Vimak. Any review, retransmission,
dissemination or other use of, or taking of any action in reliance upon
this information by persons or entities other than the intended recipient
is prohibited. If you are not the intended recipient, please telephone or
e-mail the sender and delete this message and any attachments immediately

On Thu, Mar 9, 2017 at 5:46 PM, Dorcas Muthoni via kictanet <
kictanet at lists.kictanet.or.ke> wrote:

> Exactly Ali, time is now.
>
> On Mar 9, 2017 5:24 PM, "Ali Hussein via kictanet" <
> kictanet at lists.kictanet.or.ke> wrote:
>
>> An opportunity for the community to now insert itself and engage to
>> enhance the bill?
>>
>> *Ali Hussein*
>> *Principal*
>> *Hussein & Associates*
>> +254 0713 601113 <0713%20601113>
>>
>> Twitter: @AliHKassim
>>
>> Skype: abu-jomo
>>
>> LinkedIn: http://ke.linkedin.com/in/alihkassim
>>
>> "We are what we repeatedly do. Excellence, therefore, is not an act but a
>> habit."  ~ Aristotle
>>
>>
>> Sent from my iPad
>>
>> On 9 Mar 2017, at 2:24 PM, kanini mutemi via kictanet <
>> kictanet at lists.kictanet.or.ke> wrote:
>>
>> Enlightening!
>>
>> A quick reading of the now withdrawn Cyber Security and Protection Bill
>> gave a sense that we're still looking at cyber crime with the same eyes
>> that crafted the Penal Code. Simplistic. Retroactive. Without necessarily
>> addressing the unique challenges these crimes present. Perhaps it's time
>> that the government considers actual capacity building in this field (no
>> not just benchmarking visits and one  week courses). For them to regulate
>> this area adequately, they must first understand it's ins and outs.
>>
>> On Thu, Mar 9, 2017 at 2:05 PM, Douglas Gichuki <dgichuki at strathmore.edu>
>> wrote:
>>
>>> Cybercrime,
>>>
>>> As Kanini Mutemi rightly observes Kenya does not possess the
>>> substantive, procedural (legally) institutional and capacity tools to
>>> effectively deal with transnational online criminal activity.
>>>
>>> Cyber-crime (in the substantive forms enumerated in the various bills
>>> doing rounds) presents a simple conundrum for law: a more global law or a
>>> less global internet? What does this mean in practice? First, that we need
>>> a regional instrumen- and then multilateral global instrument that
>>> harmonizes substantive offences (ensuring the principle of double
>>> criminality) and substantive criminal procedure (Arrest Warrants and
>>> Evidence Sharing).
>>>
>>>  This later bit is consequential because extra territorial executive
>>> action is a violation of international law (Lotus- France v Turkey). It is
>>> also crucial to have data frameworks that allow flexibility for law
>>> enforcement (imagine judicial hurdles imposed every time inter state data
>>> transfers are sought by law enforcement).Further, traditional methods of
>>> law enforcement cooperation in the form of Mutual Legal Assistance Treaties
>>> (MLATS) are too cumbersome opaque and resource needy to deal with the agile
>>> needs of volatile data.
>>>
>>> This is fundamental because technologies such as cloud computing and
>>> block chain make a nonsense of the Westphalian model of territory and
>>> jurisdiction.
>>>
>>> regards,
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> On Thu, Mar 9, 2017 at 11:43 AM, kanini mutemi via kictanet <
>>> kictanet at lists.kictanet.or.ke> wrote:
>>>
>>>> This reactionary approach is quite ridiculous. I bet you the
>>>> prosecutors will have a hard time even proving the crime. Some wouldn't
>>>> even know what malware is. Now start explaining Salami to them.
>>>>
>>>> Well it's commendable CA seems to be doing something in this space
>>>> http://www.nation.co.ke/news/Communication-Authority-open-ce
>>>> ntre-to-combat-cyber-crime/1056-3405682-5hjk2pz/index.html
>>>>
>>>> However, why open a centre for the sole purpose of reporting and
>>>> investigating claims? Proactivity would be a better approach. The irony is
>>>> how the CIA has taken this 'precautionary approach' to the next level as
>>>> seen with the wikileaks dump.
>>>>
>>>>
>>>> On Thu, Mar 9, 2017 at 7:26 AM, Mark Kipyegon via kictanet <
>>>> kictanet at lists.kictanet.or.ke> wrote:
>>>>
>>>>> Even with the collusion claimed in the article, the failure of controls
>>>>> that should prevent unauthorised physical and remote access to systems
>>>>> is quite troubling.
>>>>>
>>>>> On 09/03/2017 06:18, kictanet-request at lists.kictanet.or.ke wrote:
>>>>> >
>>>>> > Today we get a glimpse of the magnitude of cyber crime in the
>>>>> country.
>>>>> >
>>>>> > Kenya Revenue Authority, several blue-chip banks, a parastatal and a
>>>>> supermarket chain are some of the institutions penetrated by an
>>>>> international cybercrime syndicate that took off with hundreds of millions
>>>>> of shillings ? before they were all seized on Monday and Tuesday.
>>>>> >
>>>>> > Read on:-
>>>>> >
>>>>> > http://www.nation.co.ke/news/Police-bust-ring-of-hackers/105
>>>>> 6-3842558-11h7q5xz/index.html
>>>>> >
>>>>> >
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> kictanet mailing list
>>>>> kictanet at lists.kictanet.or.ke
>>>>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>>>> Twitter: http://twitter.com/kictanet
>>>>> Facebook: https://www.facebook.com/KICTANet/
>>>>>
>>>>> Unsubscribe or change your options at https://lists.kictanet.or.ke/m
>>>>> ailman/options/kictanet/kaninimutemi%40gmail.com
>>>>>
>>>>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder
>>>>> platform for people and institutions interested and involved in ICT policy
>>>>> and regulation. The network aims to act as a catalyst for reform in the ICT
>>>>> sector in support of the national aim of ICT enabled growth and development.
>>>>>
>>>>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>>>>> online that you follow in real life: respect people's times and bandwidth,
>>>>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>>>>> not spam, do not market your wares or qualifications.
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> *Mercy Mutemi, Advocate*.
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> kictanet mailing list
>>>> kictanet at lists.kictanet.or.ke
>>>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>>> Twitter: http://twitter.com/kictanet
>>>> Facebook: https://www.facebook.com/KICTANet/
>>>>
>>>> Unsubscribe or change your options at https://lists.kictanet.or.ke/m
>>>> ailman/options/kictanet/dgichuki%40strathmore.edu
>>>>
>>>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>>>> for people and institutions interested and involved in ICT policy and
>>>> regulation. The network aims to act as a catalyst for reform in the ICT
>>>> sector in support of the national aim of ICT enabled growth and development.
>>>>
>>>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>>>> online that you follow in real life: respect people's times and bandwidth,
>>>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>>>> not spam, do not market your wares or qualifications.
>>>>
>>>
>>>
>>> *Note: *All emails sent from Strathmore University are subject to
>>> Strathmore’s Email Terms & Conditions. Please click here
>>> <http://www.strathmore.edu/en/email-policy> to read the policy.
>>>
>>> "Visit our Facebook <https://www.facebook.com/StrathmoreUniversity>Page
>>> and Twitter <https://twitter.com/StrathU>Account".
>>>
>>
>>
>>
>> --
>> *Mercy Mutemi, Advocate*.
>>
>>
>>
>> _______________________________________________
>> kictanet mailing list
>> kictanet at lists.kictanet.or.ke
>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>> Twitter: http://twitter.com/kictanet
>> Facebook: https://www.facebook.com/KICTANet/
>>
>> Unsubscribe or change your options at https://lists.kictanet.or.ke/m
>> ailman/options/kictanet/info%40alyhussein.com
>>
>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>> for people and institutions interested and involved in ICT policy and
>> regulation. The network aims to act as a catalyst for reform in the ICT
>> sector in support of the national aim of ICT enabled growth and development.
>>
>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>> online that you follow in real life: respect people's times and bandwidth,
>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>> not spam, do not market your wares or qualifications.
>>
>>
>> _______________________________________________
>> kictanet mailing list
>> kictanet at lists.kictanet.or.ke
>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>> Twitter: http://twitter.com/kictanet
>> Facebook: https://www.facebook.com/KICTANet/
>>
>> Unsubscribe or change your options at https://lists.kictanet.or.ke/m
>> ailman/options/kictanet/dmuthoni%40gmail.com
>>
>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>> for people and institutions interested and involved in ICT policy and
>> regulation. The network aims to act as a catalyst for reform in the ICT
>> sector in support of the national aim of ICT enabled growth and development.
>>
>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>> online that you follow in real life: respect people's times and bandwidth,
>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>> not spam, do not market your wares or qualifications.
>>
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
> Twitter: http://twitter.com/kictanet
> Facebook: https://www.facebook.com/KICTANet/
>
> Unsubscribe or change your options at https://lists.kictanet.or.ke/
> mailman/options/kictanet/shouston%40vimak.co.ke
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
> for people and institutions interested and involved in ICT policy and
> regulation. The network aims to act as a catalyst for reform in the ICT
> sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people's times and bandwidth,
> share knowledge, don't flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20170309/6311aeca/attachment.htm>


More information about the KICTANet mailing list