[kictanet] Fwd: [i-network] [Action requise] cyber security situational awareness (Reports from CA?)

Barrack Otieno otieno.barrack at gmail.com
Sun Sep 17 17:11:52 EAT 2017


Dear Dr. Ndemo,

Many thanks for the great document, it seems we have stalled on the
innovation front and are simply piggybacking, your thoughts on how we
can get out of the rut?

Regards

On 9/17/17, Bitange Ndemo <bndemo at bitangendemo.me> wrote:
> The link below on WEF Digital Policy will be of interest to the ICT
> community in Kenya.
> http://www3.weforum.org/docs/White_Paper_Digital_Policy_Playbook_Approaches_National_Digital_Governance_report_2017.pdf
>
> Ndemo.
>
> On Wed, Sep 13, 2017 at 9:58 AM, Barrack Otieno via kictanet <
> kictanet at lists.kictanet.or.ke> wrote:
>
>> Listers,
>>
>> Just following this from our semejis or is it shemjis across the border.
>> Is it possible for CA to avail this kind of reports to the community?
>>
>> Regards
>> ---------- Forwarded message ----------
>> From: Margaret Sevume <sevume at i-network.or.ug>
>> Date: Tue, Sep 12, 2017 at 2:25 PM
>> Subject: [i-network] [Action requise] cyber security situational
>> awareness
>> To: I-Network Uganda <i-network at dgroups.org>
>>
>>
>> From Uganda Computer Emergency Response Team CERT (UCC) …….
>>
>> Good morning Ladies and Gentlemen,
>>
>>
>>
>> The CERT maintains a research honeypot which is run to gather information
>> about the motives and tactics of  hacker  communities targeting different
>> networks. The primary objective of the honeypot is to provide cyber
>> security situational intelligence and also to research the threats that
>> operators face and to learn how to better protect against those threats.
>>
>> From the gathered information we note that at one any time we are under
>> attack either directly or indirectly.
>>
>>
>>
>> Over the last 24 hours we see *persistent  attacks* from the following
>> sources (countries). This information confirms the fact that
>> cyber-attacks
>> are real happenings and are a global problem.
>>
>>
>>
>>
>>
>> *Country *
>>
>> *Count*
>>
>> 1
>>
>> China
>>
>> 1,728
>>
>> 2
>>
>> Brazil
>>
>> 785
>>
>> 3
>>
>> Ukraine
>>
>> 734
>>
>> 4
>>
>> United States
>>
>> 727
>>
>> 5
>>
>> Russia
>>
>> 674
>>
>> 6
>>
>> France
>>
>> 655
>>
>> 7
>>
>> Czechia
>>
>> 635
>>
>> 8
>>
>> Argentina
>>
>> 468
>>
>> 9
>>
>> Iraq
>>
>> 378
>>
>> 10
>>
>> Mexico
>>
>> 295
>>
>>
>>
>> We note the attacks are geared towards the following ports, with traffic
>> mismatch. For example we note SIP traffic being routed to port 80, yet
>> SIP
>> traffic uses port 5060 and 5061 for communications.
>>
>>
>>
>> *dest_port*
>>
>> *count*
>>
>> 22
>>
>> 4262
>>
>> 23
>>
>> 1481
>>
>> 80
>>
>> 1325
>>
>> 5060
>>
>> 1201
>>
>> 5358
>>
>> 145
>>
>> 3389
>>
>> 122
>>
>> 2323
>>
>> 77
>>
>> 8080
>>
>> 72
>>
>> 8545
>>
>> 65
>>
>> 443
>>
>> 57
>>
>>
>>
>>
>>
>> Similarly, we note the following usernames /passwords  are the most
>> commonly used for attempted account hijacking;
>>
>>
>>
>> *Top Usernames *
>>
>> *Top Passwords*
>>
>> 1
>>
>> Admin
>>
>> support
>>
>> 2
>>
>> Support
>>
>> admin
>>
>> 3
>>
>> User
>>
>> password
>>
>> 4
>>
>> Administrator
>>
>> 1234
>>
>> 5
>>
>> Default
>>
>> Default
>>
>>
>>
>> We strongly encourage you to avoid using the above usernames or passwords
>> as they are the most commonly used for account hijacking. Most computing
>> devices use the above usernames by default, it is recommended you change
>> the usernames to those that are not easily guessed or used.
>>
>> Regards
>>
>> [image: cid:image001.png at 01D1F7B2.828CF410]
>>
>> *COMPUTER EMERGENCY RESPONSE TEAM *
>>
>> Uganda Communications Commission
>>
>> 42-44, Spring Road - Bugolobi
>> <https://maps.google.com/?q=42-44,+Spring+Road+-+Bugolobi&entry=gmail&source=g>,
>> P.O Box 7376 Kampala.
>>
>> Toll free: 0800 133 911   *www.ug-cert.ug <http://www.ug-cert.ug>*
>>
>> [image: cid:image002.png at 01D1EF38.16ED9110]
>> <https://www.facebook.com/UgCERT> [image:
>> cid:image003.png at 01D1EF38.16ED9110] <https://twitter.com/UgCERT>
>>
>>
>>
>>
>>
>> You are receiving this message because you are a leader of the community
>> I-Network
>> Uganda <https://dgroups.org/iicd/i-network>. All community leaders
>> receive these notifications immediately regardless of their email
>> settings
>> for this community.
>> MAILING LIST RULES - http://www.i-network.or.ug/ind
>> ex.php?option=com_content&view=article&id=189&Itemid=193
>>
>> WEEKLY DISCUSSION ROUNDUPS - http://www.i-network.or.ug/ind
>> ex.php?option=com_content&view=category&id=191&Itemid=208
>>
>> QUARTERLY eNEWSLETTERS - http://www.i-network.or.ug/ind
>> ex.php?option=com_content&view=section&id=34&Itemid=194
>>
>> WEBSITE - www.i-network.or.ug
>>
>> TWITTER - http://twitter.com/inetwork
>>
>> FACEBOOK - https://www.facebook.com/inetwork.ug
>>
>> The I-Network Dgroup is a platform for ICT Knowledge Sharing
>>
>>
>> ------------------------------------------------------------
>> ---------------------
>> Visit [web site]( http://dgroups.org/iicd/i-network/ )
>> Click [here]( mailto:leave.i-network at dgroups.org ) to unsubscribe
>> The email is intended only for the recipients. The owners of the Dgroups
>> cannot be held responsible for the contents of the email message.
>>
>>
>>
>>
>>
>>
>> --
>> Barrack O. Otieno
>> +254721325277
>> +254733206359
>> Skype: barrack.otieno
>> PGP ID: 0x2611D86A
>>
>>
>>
>>
>>
>> _______________________________________________
>> kictanet mailing list
>> kictanet at lists.kictanet.or.ke
>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>> Twitter: http://twitter.com/kictanet
>> Facebook: https://www.facebook.com/KICTANet/
>>
>> Unsubscribe or change your options at https://lists.kictanet.or.ke/
>> mailman/options/kictanet/bndemo%40bitangendemo.me
>>
>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>> for people and institutions interested and involved in ICT policy and
>> regulation. The network aims to act as a catalyst for reform in the ICT
>> sector in support of the national aim of ICT enabled growth and
>> development.
>>
>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>> online that you follow in real life: respect people's times and
>> bandwidth,
>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>> not spam, do not market your wares or qualifications.
>>
>>
>


-- 
Barrack O. Otieno
+254721325277
+254733206359
Skype: barrack.otieno
PGP ID: 0x2611D86A




More information about the KICTANet mailing list