Thanks Michuki for insights on the internet risks. Very useful and relevant to entities getting online, particularly the point on social engineering/vulnerability. Human beings are often the weakest link in a security chain. Thats why we still have the so-called Nigerian Scam mails and Phishing attacks still going strong. Indeed something to worry about. Anybody with other threat examples? walu. --- Michuki Mwangi <michuki@swiftkenya.com> wrote:
Walu,
John Walubengo wrote:
We need to think like hackers here. Assuming you had
the
time, the motive and the skill, what would you want to lay your hands on from the e-Regulators?
A hackers world is driven by "bragging rights" which elevates an individual from a n00b (a newbie) giving them access to various h4ckers forums especially on IRC chats where there's alot of information and knowledge to be gained. There are three types of h4ackers i.e black-hats, grey-hats and white-hats.
With that background, its important to know that websites to black-hats/grey-hats are like priced tokens. A place to harness their skills and every success earns them bragging rights amongst their peers. White-hats are known as ethical h4ckers and despised by the rest.
There are numerous techniques that are used to break into websites ranging from remote file injection (RFI) into databases, defacing and Denial of Service attacks (DDoS).
IMHO, the e-Regulators will attract attention and thus the information placed online would therefore require them to deploy advanced security features & systems to mitigate against these types of attacks.
The e-Regulators information can be "confidential information" hence up for sale to the highest bidder. While this maybe a little bit far fetched, but in a competitive environment and where the regulators are privy to some of this information from the service providers/bidders, your guess is as good as mine. Phishing & identity theft are major attractions of such websites.
One of the most important aspects of security is to understand that there still exists the social vulnerability aspect. This is by far the most difficult to safeguard against. Fortunately or unfortunately, most h4ckers are well aware of this vulnerability.
DDOS and Defacements impact socially on the organizations ability to provide the online services. They should never be ignored as the perpetrators can always leave back-doors into the system.
My humble attempt to thinking as a hacker and hope that helps.
Regards,
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: jwalu@yahoo.com Unsubscribe or change your options at
http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com
____________________________________________________________________________________ Check out the hottest 2008 models today at Yahoo! Autos. http://autos.yahoo.com/new_cars.html