am totally, impressed....someone needs to give this guy a job, the CERT, team?<br><br>Kind Regards, <br><br clear="all">“To live is to choose. But to choose well, you must know who you are and what you stand for, where you want to go and why you want to get there.” Kofi Annan<br>
<br><br><div class="gmail_quote">On Tue, Jan 17, 2012 at 6:48 PM, Walubengo J <span dir="ltr"><<a href="mailto:jwalu@yahoo.com">jwalu@yahoo.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr><td style="font:inherit" valign="top">True that Dr. Siganga,<br><br>we probably need the broad principles and practices of <a href="http://www.isaca.org" target="_blank">www.isaca.org</a> after all.<br>
<br>walu.<br><br>--- On <b>Tue, 1/17/12, waudo siganga <i><<a href="mailto:emailsignet@mailcan.com" target="_blank">emailsignet@mailcan.com</a>></i></b> wrote:<br><blockquote style="border-left:2px solid rgb(16,16,255);margin-left:5px;padding-left:5px">
<br>From: waudo siganga <<a href="mailto:emailsignet@mailcan.com" target="_blank">emailsignet@mailcan.com</a>><div class="im"><br>Subject: Re: [kictanet] Government website Hacking incident a crying shame<br></div>To: <a href="mailto:jwalu@yahoo.com" target="_blank">jwalu@yahoo.com</a><br>
Cc: "KICTAnet ICT Policy Discussions" <<a href="mailto:kictanet@lists.kictanet.or.ke" target="_blank">kictanet@lists.kictanet.or.ke</a>><br>Date: Tuesday, January 17, 2012, 6:42 PM<div><div></div><div class="h5">
<br><br><div>
<div><div style="font-family:Arial;font-size:medium" dir="ltr"><div>
Thanks for the news Brian. This is a big shame for all Kenyans that our Government sites can be hacked by a simpleton. It is important to establish who in the maze of ICT Governance in the Government is responsible for Government sites and what coordination there is between different agencies and ministries. Are there appropriate ICT Policies in place covering areas such as Hosting Policy, Server Back-up Policy, etc? Is there regular ICT Audit of Government systems and methods to ensure that they conform to recognised standards and are acceptably safe and secure? Some learning should come out of this incident.</div>
<div>
<div>
<div>
</div>
<div>
</div>
<div>
On Tue, Jan 17, 2012, at 04:09 PM, Brian Munyao Longwe wrote:</div>
<blockquote type="cite">
<div>
</div>
The fact that a student on a hacking/computer security course could hack into and deface more than 100 Government of Kenya websites<span style="font-weight:bold"> in one night(!)</span> is a crying shame. In addition to that, the fact that it seems all or most of these sites were hosted on a single server is a travesty of best practice.
<div>
</div>
<div>
Is it so difficult for GoK to invite (readily available) information security experts to design and implement a suitable online information framework for public government websites?</div>
<div>
</div>
<div>
Shaking my head,</div>
<div>
</div>
<div>
Brian<br clear="all">
<div>
</div>
--<br>
Brian Munyao Longwe<br>
e-mail: <a rel="nofollow" href="http://mc/compose?to=blongwe@gmail.com" target="_blank">blongwe@gmail.com</a><br>
cell: +254715964281<br>
blog : <a rel="nofollow" href="http://zinjlog.blogspot.com" target="_blank">http://zinjlog.blogspot.com</a><br>
meta-blog: <a rel="nofollow" href="http://mashilingi.blogspot.com" target="_blank">http://mashilingi.blogspot.com</a></div>
<pre>_______________________________________________<br>kictanet mailing list<br><a href="mailto:kictanet@lists.kictanet.or.ke" target="_blank">kictanet@lists.kictanet.or.ke</a><br><a href="http://lists.kictanet.or.ke/mailman/listinfo/kictanet" target="_blank">http://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br>
<br>Unsubscribe or change your options at <a href="http://lists.kictanet.or.ke/mailman/options/kictanet/emailsignet%40mailcan.com" target="_blank">http://lists.kictanet.or.ke/mailman/options/kictanet/emailsignet%40mailcan.com</a><br>
<br>The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.<br>
<br>KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.<br>
</pre>
</blockquote>
</div>
</div>
<div>
</div>
</div></div></div><br></div></div>-----Inline Attachment Follows-----<br><br><div><div class="im">_______________________________________________<br>kictanet mailing list<br><a href="http://mc/compose?to=kictanet@lists.kictanet.or.ke" target="_blank">kictanet@lists.kictanet.or.ke</a><br>
<a href="http://lists.kictanet.or.ke/mailman/listinfo/kictanet" target="_blank">http://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br><br></div>Unsubscribe or change your options at <a href="http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com" target="_blank">http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com</a><div class="im">
<br><br>The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and
development.<br><br>KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.</div>
</div></blockquote></td></tr></tbody></table><br>_______________________________________________<br>
kictanet mailing list<br>
<a href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a><br>
<a href="http://lists.kictanet.or.ke/mailman/listinfo/kictanet" target="_blank">http://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br>
<br>
Unsubscribe or change your options at <a href="http://lists.kictanet.or.ke/mailman/options/kictanet/judyokite%40gmail.com" target="_blank">http://lists.kictanet.or.ke/mailman/options/kictanet/judyokite%40gmail.com</a><br>
<br>
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.<br>
<br>
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.<br>
</blockquote></div><br>