Cyberwarfare has changed, a lot over the year. Its not only sitting at the computer scanning networks and other Commandline stuff. These days Cyber Warfare is under the same framework The Defense uses, called C4ISR. This also applies to Penetration Testers like me, especially when we are doing Black Box Penetration testing. Lemmie give you an example. Earlier this year we were doing a Penetration testing in a big firm in Southern Africa. They had their own VPN between countries and one point of Entry to the Internet (They Believed so). So i became a Janitor for one week and then i went ahead and found out the IT supporting company, and i went on to the HQ offices pretending to be staff of the IT Company, with business cards and other IDs. From there getting into KAV and getting a connect-back Binary as an AV agent to the whole company was just easy. All machines connected with a system shell to my CNC. So, i think with Cyber Warfare, the same applies everywhere, and what we should do is be afraid of those Nations that we don't know, what they are doing the same. So what is Cyberwarfare a) Cyber Espionage b) Cyber Terrorism - Cyber-jihad c) Cyber Hacktivism d) Cyber Sabotage e) Information Warfare etc etc. On Thu, Dec 4, 2014 at 2:22 PM, Walubengo J <jwalu@yahoo.com> wrote:
@Chuks,
Very interesting development...instead of attracting chinese tourists, we seem to be attracting chinese hackers :-)
But on a serious note, i still dont understand WHY they needed to be resident in Kenya in order to execute thier cybercrime when they can do safely from their homes in China.
Or maybe they were sniffing the local airwaves in rich neighbourhoods of Runda for wi-fi passwords - but you dont need a whole battaliion and server room to do that. Very fishy indeed.
walu.
-------------------------------------------- On Thu, 12/4/14, Gichuki John Chuksjonia via kictanet < kictanet@lists.kictanet.or.ke> wrote:
Subject: [kictanet] Fwd: [Security Forum] Fwd: Cyber Warfare on Kenya or Random Chinese To: jwalu@yahoo.com Date: Thursday, December 4, 2014, 11:11 AM
Lemmie patch up this discussion to the other main mail list, for awareness.
---------- Forwarded message ---------- From: BRIGHT GAMELI via Security <security@lists.my.co.ke> Date: Thu, 4 Dec 2014 16:26:26 +0900 Subject: Re: [Security Forum] Fwd: Cyber Warfare on Kenya or Random Chinese To: fredrick Wahome <frewah85@gmail.com>, "Security Forum All information security discussions in Africa are done here (Hacking, Decryptions, Security management, physical security, Disastor Recovery, Security Assessments etc etc)" <security@lists.my.co.ke>
Lets take a look at the strategic positions where these guys are located. Well even not much information has been release, a good yagi antenna can go really far as an example.
I also think the story will just die down and we will never hear about it again.
The government however will need to speed up forensics of these servers and all to know what kind of activities were being carried around. But again, I highly doubt we will get to know the details. Another good read here
http://www.kahawatungu.com/2014/09/06/chinese-hackers-embarassed-uhuru-usa/
Lets not turn a blind eye to all these before it is too late.
~ze3D~
On Thu, Dec 4, 2014 at 3:54 PM, fredrick Wahome via Security < security@lists.my.co.ke> wrote:
The reason why the government will not allow media into the rooms to capture the real setups....This will be just forgotten as Kanyaris issue. It must be a big operational group with safe havens spread across the country. How I wish the digital government would invest in cyber intelligence. But for now this will remain just a wish...
On Thu, Dec 4, 2014 at 9:45 AM, John Doe. <agikabia@gmail.com> wrote:
As someone commented earlier,most guys on this list have equipments running in their homes as well. The information being provided is really not clear on what they were doing. Most likely as fredrick has said and i tend to agree,this guys were actually up to no good. The question that begs is this. Since our government turned to the East for Financial Support.loans etc...do you really think China will allow these guys to be placed behind bars in kenya? Most likely this story will go quiet and not be remembered. I just tend to imagine how many other places may be in operation in kenya and even being run by other nationalities.
Regards Antony
On Thu, Dec 4, 2014 at 9:33 AM, fredrick Wahome via Security < security@lists.my.co.ke> wrote:
I have every reason to believe this is a cyber espionage by these Chinese guys. Peeped into some conversation on IRC with some blackhats in 2012 and they mentioned something like Chinese CyberSpy ring operating in Nairobi. However they are spying all over Africa with Runda being one of their safe house. But as obvious if you try to alert the government the Ruaraka boys will actually start investigating you
On Thu, Dec 4, 2014 at 9:08 AM, Adam Nelson via Security < security@lists.my.co.ke> wrote:
The reporting and statements by GoK are still too vague to understand what actually happened. Half the people on this list have network equipment and servers in their house. And if you were running a serious cybercrime syndicate in a house, you don't need dozens of people to do it.
-- Kili - Cloud for Africa: kili.io Musings: twitter.com/varud <https://twitter.com/varud> More Musings: varud.com About Adam: www.linkedin.com/in/adamcnelson
On Thu, Dec 4, 2014 at 7:25 AM, Mark Kipyegon via Security < security@lists.my.co.ke> wrote:
A more recent news report now claims the group is being charged in court with illegally operating a radio station. The same report then links this "cyber-crime command centre" to hacking facebook accounts, mpesa fraud, card theft and bizarrely, "Police said the Chinese were preparing to raid the country's communication systems".
Would anyone have more usable information on this?
-- Mark.
On 2 Dec 2014, at 14:20, "Almerindo Graziano via Security" < security@lists.my.co.ke> wrote:
the entire country is welcoming supplies and services from China across the ENTIRE critical infrastructure..That worries me more in terms of cyber warfare. No need of backdoor when you are let in through the front door :-)
Hence I seriously doubt the news is related to cyber warfare Al
On 02/12/2014 14:07, Adam Nelson via Security wrote:
And it might just be that these guys are working on an oilfield in Turkana and have VHF radios and Runda is their HQ and they simply didn't have the correct visas.
-- Kili - Cloud for Africa: kili.io Musings: twitter.com/varud <https://twitter.com/varud> More Musings: varud.com About Adam: www.linkedin.com/in/adamcnelson
On Tue, Dec 2, 2014 at 1:30 PM, Robin Wood via Security < security@lists.my.co.ke> wrote:
> On 2 December 2014 at 10:28, Gichuki John Chuksjonia via Security > <security@lists.my.co.ke> wrote: > > Cyber Warfare is real > > I would agree that Cyber Warefare is real but would say that this is > possibly more like normal criminality than warfare. > > Robin > > > > ---------- Forwarded message
> > From: BRIGHT GAMELI via Security <security@lists.my.co.ke> > > Date: Tue, 2 Dec 2014 17:57:00 +0900 > > Subject: [Security Forum] Cyber Warfare on Kenya or Random Chinese > > To: "Security Forum All information security discussions in Africa > are > > done here (Hacking, Decryptions, Security management, physical > > security, Disastor Recovery, Security Assessments etc etc)" > > <security@lists.my.co.ke> > > > > Should we start to say Cyber Warfare is real on Kenya or just brush > this > > off as another random happenings in Runda. > > > > > > > http://www.trending.co.ke/police-arrest-36-chinese-natio-852390307.html > > > > ~ze3D~ > > > > > > > > -- > > -- > > Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P > > I.T Security Analyst and Penetration Tester > > jgichuki at inbox d0t com > > > > {FORUM}http://lists.my.co.ke/pipermail/security/ > > http://chuksjonia.blogspot.com/ > > > >
> > Security mailing list > > Security@lists.my.co.ke > > http://lists.my.co.ke/cgi-bin/mailman/listinfo/security > >
> Security mailing list > Security@lists.my.co.ke > http://lists.my.co.ke/cgi-bin/mailman/listinfo/security >
Security mailing listSecurity@lists.my.co.kehttp:// lists.my.co.ke/cgi-bin/mailman/listinfo/security
Security mailing list Security@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/security
Security mailing list Security@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/security
Security mailing list Security@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/security
-- Kind Regards;
------------------------------------------
*Fredrick Wahome Ndung'uTeam LeaderSecunets TechnologiesWebsite: www.secunets.co.ke <http://www.secunets.com>Cell: +254725264890 <%2B254725264890>Email: fred@secunets.co.ke <fred@secunets.com>Experts in: Web 2.0 Applications, Domain Registration, Web Hosting, Information Security, Linux Applications, Computer Forensic & I.C.T Consultancy."Secure Business Technology"*
-------------------------------------------------------------------------------
*SECUNETS TECHNOLOGIES DISCLAIMER:*
This email message and any file(s) transmitted with it is intended solely for the individual or entity to whom it is addressed and may contain confidential and/or legally privileged information which confidentiality and/or privilege is not lost or waived by reason of mistaken transmission. If you have received this message by error you are not authorized to view disseminate distribute or copy the message without the written consent of Secunets Technologies and are requested to contact the sender by telephone or e-mail and destroy the original. Although Secunets Technologies takes all reasonable precautions to ensure that this message and any file transmitted with it is virus free, Secunets Technologies accepts no liability for any damage that may be caused by any virus transmitted by this email.
Security mailing list Security@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/security
-- Kind Regards;
------------------------------------------
*Fredrick Wahome Ndung'uTeam LeaderSecunets TechnologiesWebsite: www.secunets.co.ke <http://www.secunets.com>Cell: +254725264890 <%2B254725264890>Email: fred@secunets.co.ke <fred@secunets.com>Experts in: Web 2.0 Applications, Domain Registration, Web Hosting, Information Security, Linux Applications, Computer Forensic & I.C.T Consultancy."Secure Business Technology"*
-------------------------------------------------------------------------------
*SECUNETS TECHNOLOGIES DISCLAIMER:*
This email message and any file(s) transmitted with it is intended solely for the individual or entity to whom it is addressed and may contain confidential and/or legally privileged information which confidentiality and/or privilege is not lost or waived by reason of mistaken transmission. If you have received this message by error you are not authorized to view disseminate distribute or copy the message without the written consent of Secunets Technologies and are requested to contact the sender by telephone or e-mail and destroy the original. Although Secunets Technologies takes all reasonable precautions to ensure that this message and any file transmitted with it is virus free, Secunets Technologies accepts no liability for any damage that may be caused by any virus transmitted by this email.
_______________________________________________ Security mailing list Security@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/security
-- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester jgichuki at inbox d0t com
{FORUM}http://lists.my.co.ke/pipermail/security/ http://chuksjonia.blogspot.com/
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester jgichuki at inbox d0t com {FORUM}http://lists.my.co.ke/pipermail/security/ http://chuksjonia.blogspot.com/