[kictanet] Fwd: [i-network] [Action requise] cyber security situational awareness (Reports from CA?)

Bitange Ndemo bndemo at bitangendemo.me
Sun Sep 17 16:08:53 EAT 2017


The link below on WEF Digital Policy will be of interest to the ICT
community in Kenya.
http://www3.weforum.org/docs/White_Paper_Digital_Policy_Playbook_Approaches_National_Digital_Governance_report_2017.pdf

Ndemo.

On Wed, Sep 13, 2017 at 9:58 AM, Barrack Otieno via kictanet <
kictanet at lists.kictanet.or.ke> wrote:

> Listers,
>
> Just following this from our semejis or is it shemjis across the border.
> Is it possible for CA to avail this kind of reports to the community?
>
> Regards
> ---------- Forwarded message ----------
> From: Margaret Sevume <sevume at i-network.or.ug>
> Date: Tue, Sep 12, 2017 at 2:25 PM
> Subject: [i-network] [Action requise] cyber security situational awareness
> To: I-Network Uganda <i-network at dgroups.org>
>
>
> From Uganda Computer Emergency Response Team CERT (UCC) …….
>
> Good morning Ladies and Gentlemen,
>
>
>
> The CERT maintains a research honeypot which is run to gather information
> about the motives and tactics of  hacker  communities targeting different
> networks. The primary objective of the honeypot is to provide cyber
> security situational intelligence and also to research the threats that
> operators face and to learn how to better protect against those threats.
>
> From the gathered information we note that at one any time we are under
> attack either directly or indirectly.
>
>
>
> Over the last 24 hours we see *persistent  attacks* from the following
> sources (countries). This information confirms the fact that cyber-attacks
> are real happenings and are a global problem.
>
>
>
>
>
> *Country *
>
> *Count*
>
> 1
>
> China
>
> 1,728
>
> 2
>
> Brazil
>
> 785
>
> 3
>
> Ukraine
>
> 734
>
> 4
>
> United States
>
> 727
>
> 5
>
> Russia
>
> 674
>
> 6
>
> France
>
> 655
>
> 7
>
> Czechia
>
> 635
>
> 8
>
> Argentina
>
> 468
>
> 9
>
> Iraq
>
> 378
>
> 10
>
> Mexico
>
> 295
>
>
>
> We note the attacks are geared towards the following ports, with traffic
> mismatch. For example we note SIP traffic being routed to port 80, yet SIP
> traffic uses port 5060 and 5061 for communications.
>
>
>
> *dest_port*
>
> *count*
>
> 22
>
> 4262
>
> 23
>
> 1481
>
> 80
>
> 1325
>
> 5060
>
> 1201
>
> 5358
>
> 145
>
> 3389
>
> 122
>
> 2323
>
> 77
>
> 8080
>
> 72
>
> 8545
>
> 65
>
> 443
>
> 57
>
>
>
>
>
> Similarly, we note the following usernames /passwords  are the most
> commonly used for attempted account hijacking;
>
>
>
> *Top Usernames *
>
> *Top Passwords*
>
> 1
>
> Admin
>
> support
>
> 2
>
> Support
>
> admin
>
> 3
>
> User
>
> password
>
> 4
>
> Administrator
>
> 1234
>
> 5
>
> Default
>
> Default
>
>
>
> We strongly encourage you to avoid using the above usernames or passwords
> as they are the most commonly used for account hijacking. Most computing
> devices use the above usernames by default, it is recommended you change
> the usernames to those that are not easily guessed or used.
>
> Regards
>
> [image: cid:image001.png at 01D1F7B2.828CF410]
>
> *COMPUTER EMERGENCY RESPONSE TEAM *
>
> Uganda Communications Commission
>
> 42-44, Spring Road - Bugolobi
> <https://maps.google.com/?q=42-44,+Spring+Road+-+Bugolobi&entry=gmail&source=g>,
> P.O Box 7376 Kampala.
>
> Toll free: 0800 133 911   *www.ug-cert.ug <http://www.ug-cert.ug>*
>
> [image: cid:image002.png at 01D1EF38.16ED9110]
> <https://www.facebook.com/UgCERT> [image:
> cid:image003.png at 01D1EF38.16ED9110] <https://twitter.com/UgCERT>
>
>
>
>
>
> You are receiving this message because you are a leader of the community I-Network
> Uganda <https://dgroups.org/iicd/i-network>. All community leaders
> receive these notifications immediately regardless of their email settings
> for this community.
> MAILING LIST RULES - http://www.i-network.or.ug/ind
> ex.php?option=com_content&view=article&id=189&Itemid=193
>
> WEEKLY DISCUSSION ROUNDUPS - http://www.i-network.or.ug/ind
> ex.php?option=com_content&view=category&id=191&Itemid=208
>
> QUARTERLY eNEWSLETTERS - http://www.i-network.or.ug/ind
> ex.php?option=com_content&view=section&id=34&Itemid=194
>
> WEBSITE - www.i-network.or.ug
>
> TWITTER - http://twitter.com/inetwork
>
> FACEBOOK - https://www.facebook.com/inetwork.ug
>
> The I-Network Dgroup is a platform for ICT Knowledge Sharing
>
>
> ------------------------------------------------------------
> ---------------------
> Visit [web site]( http://dgroups.org/iicd/i-network/ )
> Click [here]( mailto:leave.i-network at dgroups.org ) to unsubscribe
> The email is intended only for the recipients. The owners of the Dgroups
> cannot be held responsible for the contents of the email message.
>
>
>
>
>
>
> --
> Barrack O. Otieno
> +254721325277
> +254733206359
> Skype: barrack.otieno
> PGP ID: 0x2611D86A
>
>
>
>
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
> Twitter: http://twitter.com/kictanet
> Facebook: https://www.facebook.com/KICTANet/
>
> Unsubscribe or change your options at https://lists.kictanet.or.ke/
> mailman/options/kictanet/bndemo%40bitangendemo.me
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
> for people and institutions interested and involved in ICT policy and
> regulation. The network aims to act as a catalyst for reform in the ICT
> sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people's times and bandwidth,
> share knowledge, don't flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20170917/a45c4b74/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 3489 bytes
Desc: not available
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20170917/a45c4b74/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 9894 bytes
Desc: not available
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20170917/a45c4b74/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 3655 bytes
Desc: not available
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20170917/a45c4b74/attachment-0002.png>


More information about the KICTANet mailing list