[kictanet] Ring of bank hackers busted - Daily Nation
Rosemary Koech-Kimwatu
chemukoechk at gmail.com
Thu Mar 9 20:35:40 EAT 2017
Stuart,
Your suggestion makes practical sense, before a core banking system is
installed penetration testing is carried out, how often are audits
carried out after?
As we seek to get legislation there needs to be a practical merger between
prospective laws and practice to ensure that laws if passed will adequately
prevent the vice.
Kind regards,
Rosemary Koech-Kimwatu
Advocate
On Mar 9, 2017 19:09, "Stuart Houston via kictanet" <
kictanet at lists.kictanet.or.ke> wrote:
> Thanks Ali for sharing. Interesting, if not all too common story globally.
>
> "A chain is only as strong as its weakest link" comes to mind. The weakest
> link being the human element in this case but could also be applicable to
> scale with lack of ratifying and enforcing regulation & agreements
> nationally and internationally; of which difficulties Gichuki has already
> mentioned. From my experience securing systems is the stronger (or at least
> easier to implement) part of the chain.
>
> Can regulations particularly for government institutions and large
> financials be tightened up? For example, would not a mandatory, regular
> security audit by a reputable external firm be able to deter, if not bring
> to light such hacking sprees?
>
> Regards
> Stuart Houston
> IT consultant and project manager
> Vimak
>
> Studio House, 5th Floor, Marcus Garvey Rd off Argwings Kodhek Rd
>
> +254 711 231726 | +254 731 993931 | info at vimak.co.ke
>
> This e-mail and any attachments are confidential. They may contain
> privileged information and are intended for the named addressee(s) only.
> Unless expressly stated, opinions in this e-mail are those of the
> individual sender and not of Vimak. Any review, retransmission,
> dissemination or other use of, or taking of any action in reliance upon
> this information by persons or entities other than the intended recipient
> is prohibited. If you are not the intended recipient, please telephone or
> e-mail the sender and delete this message and any attachments immediately
>
> On Thu, Mar 9, 2017 at 5:46 PM, Dorcas Muthoni via kictanet <
> kictanet at lists.kictanet.or.ke> wrote:
>
>> Exactly Ali, time is now.
>>
>> On Mar 9, 2017 5:24 PM, "Ali Hussein via kictanet" <
>> kictanet at lists.kictanet.or.ke> wrote:
>>
>>> An opportunity for the community to now insert itself and engage to
>>> enhance the bill?
>>>
>>> *Ali Hussein*
>>> *Principal*
>>> *Hussein & Associates*
>>> +254 0713 601113 <0713%20601113>
>>>
>>> Twitter: @AliHKassim
>>>
>>> Skype: abu-jomo
>>>
>>> LinkedIn: http://ke.linkedin.com/in/alihkassim
>>>
>>> "We are what we repeatedly do. Excellence, therefore, is not an act but
>>> a habit." ~ Aristotle
>>>
>>>
>>> Sent from my iPad
>>>
>>> On 9 Mar 2017, at 2:24 PM, kanini mutemi via kictanet <
>>> kictanet at lists.kictanet.or.ke> wrote:
>>>
>>> Enlightening!
>>>
>>> A quick reading of the now withdrawn Cyber Security and Protection Bill
>>> gave a sense that we're still looking at cyber crime with the same eyes
>>> that crafted the Penal Code. Simplistic. Retroactive. Without necessarily
>>> addressing the unique challenges these crimes present. Perhaps it's time
>>> that the government considers actual capacity building in this field (no
>>> not just benchmarking visits and one week courses). For them to regulate
>>> this area adequately, they must first understand it's ins and outs.
>>>
>>> On Thu, Mar 9, 2017 at 2:05 PM, Douglas Gichuki <dgichuki at strathmore.edu
>>> > wrote:
>>>
>>>> Cybercrime,
>>>>
>>>> As Kanini Mutemi rightly observes Kenya does not possess the
>>>> substantive, procedural (legally) institutional and capacity tools to
>>>> effectively deal with transnational online criminal activity.
>>>>
>>>> Cyber-crime (in the substantive forms enumerated in the various bills
>>>> doing rounds) presents a simple conundrum for law: a more global law or a
>>>> less global internet? What does this mean in practice? First, that we need
>>>> a regional instrumen- and then multilateral global instrument that
>>>> harmonizes substantive offences (ensuring the principle of double
>>>> criminality) and substantive criminal procedure (Arrest Warrants and
>>>> Evidence Sharing).
>>>>
>>>> This later bit is consequential because extra territorial executive
>>>> action is a violation of international law (Lotus- France v Turkey). It is
>>>> also crucial to have data frameworks that allow flexibility for law
>>>> enforcement (imagine judicial hurdles imposed every time inter state data
>>>> transfers are sought by law enforcement).Further, traditional methods of
>>>> law enforcement cooperation in the form of Mutual Legal Assistance Treaties
>>>> (MLATS) are too cumbersome opaque and resource needy to deal with the agile
>>>> needs of volatile data.
>>>>
>>>> This is fundamental because technologies such as cloud computing and
>>>> block chain make a nonsense of the Westphalian model of territory and
>>>> jurisdiction.
>>>>
>>>> regards,
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Thu, Mar 9, 2017 at 11:43 AM, kanini mutemi via kictanet <
>>>> kictanet at lists.kictanet.or.ke> wrote:
>>>>
>>>>> This reactionary approach is quite ridiculous. I bet you the
>>>>> prosecutors will have a hard time even proving the crime. Some wouldn't
>>>>> even know what malware is. Now start explaining Salami to them.
>>>>>
>>>>> Well it's commendable CA seems to be doing something in this space
>>>>> http://www.nation.co.ke/news/Communication-Authority-open-ce
>>>>> ntre-to-combat-cyber-crime/1056-3405682-5hjk2pz/index.html
>>>>>
>>>>> However, why open a centre for the sole purpose of reporting and
>>>>> investigating claims? Proactivity would be a better approach. The irony is
>>>>> how the CIA has taken this 'precautionary approach' to the next level as
>>>>> seen with the wikileaks dump.
>>>>>
>>>>>
>>>>> On Thu, Mar 9, 2017 at 7:26 AM, Mark Kipyegon via kictanet <
>>>>> kictanet at lists.kictanet.or.ke> wrote:
>>>>>
>>>>>> Even with the collusion claimed in the article, the failure of
>>>>>> controls
>>>>>> that should prevent unauthorised physical and remote access to systems
>>>>>> is quite troubling.
>>>>>>
>>>>>> On 09/03/2017 06:18, kictanet-request at lists.kictanet.or.ke wrote:
>>>>>> >
>>>>>> > Today we get a glimpse of the magnitude of cyber crime in the
>>>>>> country.
>>>>>> >
>>>>>> > Kenya Revenue Authority, several blue-chip banks, a parastatal and
>>>>>> a supermarket chain are some of the institutions penetrated by an
>>>>>> international cybercrime syndicate that took off with hundreds of millions
>>>>>> of shillings ? before they were all seized on Monday and Tuesday.
>>>>>> >
>>>>>> > Read on:-
>>>>>> >
>>>>>> > http://www.nation.co.ke/news/Police-bust-ring-of-hackers/105
>>>>>> 6-3842558-11h7q5xz/index.html
>>>>>> >
>>>>>> >
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> kictanet mailing list
>>>>>> kictanet at lists.kictanet.or.ke
>>>>>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>>>>> Twitter: http://twitter.com/kictanet
>>>>>> Facebook: https://www.facebook.com/KICTANet/
>>>>>>
>>>>>> Unsubscribe or change your options at https://lists.kictanet.or.ke/m
>>>>>> ailman/options/kictanet/kaninimutemi%40gmail.com
>>>>>>
>>>>>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder
>>>>>> platform for people and institutions interested and involved in ICT policy
>>>>>> and regulation. The network aims to act as a catalyst for reform in the ICT
>>>>>> sector in support of the national aim of ICT enabled growth and development.
>>>>>>
>>>>>> KICTANetiquette : Adhere to the same standards of acceptable
>>>>>> behaviors online that you follow in real life: respect people's times and
>>>>>> bandwidth, share knowledge, don't flame or abuse or personalize, respect
>>>>>> privacy, do not spam, do not market your wares or qualifications.
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> *Mercy Mutemi, Advocate*.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> kictanet mailing list
>>>>> kictanet at lists.kictanet.or.ke
>>>>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>>>> Twitter: http://twitter.com/kictanet
>>>>> Facebook: https://www.facebook.com/KICTANet/
>>>>>
>>>>> Unsubscribe or change your options at https://lists.kictanet.or.ke/m
>>>>> ailman/options/kictanet/dgichuki%40strathmore.edu
>>>>>
>>>>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder
>>>>> platform for people and institutions interested and involved in ICT policy
>>>>> and regulation. The network aims to act as a catalyst for reform in the ICT
>>>>> sector in support of the national aim of ICT enabled growth and development.
>>>>>
>>>>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>>>>> online that you follow in real life: respect people's times and bandwidth,
>>>>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>>>>> not spam, do not market your wares or qualifications.
>>>>>
>>>>
>>>>
>>>> *Note: *All emails sent from Strathmore University are subject to
>>>> Strathmore’s Email Terms & Conditions. Please click here
>>>> <http://www.strathmore.edu/en/email-policy> to read the policy.
>>>>
>>>> "Visit our Facebook <https://www.facebook.com/StrathmoreUniversity>Page
>>>> and Twitter <https://twitter.com/StrathU>Account".
>>>>
>>>
>>>
>>>
>>> --
>>> *Mercy Mutemi, Advocate*.
>>>
>>>
>>>
>>> _______________________________________________
>>> kictanet mailing list
>>> kictanet at lists.kictanet.or.ke
>>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>> Twitter: http://twitter.com/kictanet
>>> Facebook: https://www.facebook.com/KICTANet/
>>>
>>> Unsubscribe or change your options at https://lists.kictanet.or.ke/m
>>> ailman/options/kictanet/info%40alyhussein.com
>>>
>>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>>> for people and institutions interested and involved in ICT policy and
>>> regulation. The network aims to act as a catalyst for reform in the ICT
>>> sector in support of the national aim of ICT enabled growth and development.
>>>
>>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>>> online that you follow in real life: respect people's times and bandwidth,
>>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>>> not spam, do not market your wares or qualifications.
>>>
>>>
>>> _______________________________________________
>>> kictanet mailing list
>>> kictanet at lists.kictanet.or.ke
>>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>> Twitter: http://twitter.com/kictanet
>>> Facebook: https://www.facebook.com/KICTANet/
>>>
>>> Unsubscribe or change your options at https://lists.kictanet.or.ke/m
>>> ailman/options/kictanet/dmuthoni%40gmail.com
>>>
>>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>>> for people and institutions interested and involved in ICT policy and
>>> regulation. The network aims to act as a catalyst for reform in the ICT
>>> sector in support of the national aim of ICT enabled growth and development.
>>>
>>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>>> online that you follow in real life: respect people's times and bandwidth,
>>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>>> not spam, do not market your wares or qualifications.
>>>
>>
>> _______________________________________________
>> kictanet mailing list
>> kictanet at lists.kictanet.or.ke
>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>> Twitter: http://twitter.com/kictanet
>> Facebook: https://www.facebook.com/KICTANet/
>>
>> Unsubscribe or change your options at https://lists.kictanet.or.ke/m
>> ailman/options/kictanet/shouston%40vimak.co.ke
>>
>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>> for people and institutions interested and involved in ICT policy and
>> regulation. The network aims to act as a catalyst for reform in the ICT
>> sector in support of the national aim of ICT enabled growth and development.
>>
>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>> online that you follow in real life: respect people's times and bandwidth,
>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>> not spam, do not market your wares or qualifications.
>>
>
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
> Twitter: http://twitter.com/kictanet
> Facebook: https://www.facebook.com/KICTANet/
>
> Unsubscribe or change your options at https://lists.kictanet.or.ke/
> mailman/options/kictanet/chemukoechk%40gmail.com
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
> for people and institutions interested and involved in ICT policy and
> regulation. The network aims to act as a catalyst for reform in the ICT
> sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people's times and bandwidth,
> share knowledge, don't flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20170309/04713863/attachment.htm>
More information about the KICTANet
mailing list