@ Wash, true - not so critical data maybe on these site. HOWEVER, I join Mblayo in taking the shame because it is matter of time before critical data seats on these platforms/cloud. And if we can protect our entry level websites, then who knows who will protect our serious data in the near future... It is one thing to be brought down - it happens even to US DoD (military) sites. It is quite another to stay down - 12hrs and still counting? Vincent and Company @ CCK, arent we paying you good public chums to run the National CSIRT protect our cyberspace? Or maybe we should get NSIS to blame? Either way I want my refund ;-) walu. --- On Tue, 1/17/12, McTim <dogwallah@gmail.com> wrote: From: McTim <dogwallah@gmail.com> Subject: Re: [kictanet] Government website Hacking incident a crying shame To: jwalu@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Tuesday, January 17, 2012, 5:37 PM http://code-security.net/archives/114 go.ke Websites in Kenya brought down. Whole list below. http://www.administrationpolice.go.ke/index.html http://www.aideffectiveness.go.ke/index.html http://www.bungomacounty.go.ke/index.html http://www.businesslicense.go.ke/index.html http://www.cak.go.ke/index.html http://www.commstaskforce.go.ke/index.html http://www.cooperative.go.ke/index.html http://www.crd.go.ke/index.html http://www.crisisrcentre.go.ke/index.html http://www.ditkenya.go.ke/index.html http://www.doshs.go.ke/index.html http://www.economicstimulus.go.ke/index.html http://www.eldoretmunicipal.go.ke/index.html http://www.emu.go.ke/index.html http://www.education.go.ke/index.html http://www.environment.go.ke/index.html http://www.filmservices.go.ke/index.html http://www.fisheries.go.ke/index.html http://www.forestryandwildlife.go.ke/index.html http://www.gender.go.ke/index.html http://www.governmentpress.go.ke/index.html http://www.greenenergy.go.ke/index.html http://www.housing.go.ke/index.html http://www.ifmis.go.ke/index.html http://www.immigration.go.ke/index.html http://www.industrialization.go.ke/index.html http://www.isc.go.ke/index.html http://www.iprs.go.ke/index.html http://www.itentambachtowncouncil.go.ke/index.html http://www.itmis.go.ke/index.html http://www.kenao.go.ke/index.html http://www.kapsabetmunicipal.go.ke/index.html http://www.kenyayearbook.go.ke/index.html http://www.kerugoyakutusmunicipal.go.ke/index.html http://www.kesi.go.ke/index.html http://www.kipi.go.ke/index.html http://www.kisumucountycouncil.go.ke/index.html http://www.kirinyagacountycouncil.go.ke/index.html http://www.kitalemunicipal.go.ke/index.html http://www.kituimunicipal.go.ke/index.html http://www.kkv.go.ke/index.html http://www.knfparms.go.ke/index.html http://www.knsdi.go.ke/index.html http://www.kntc.go.ke/index.html http://www.laikipiacountycouncil.go.ke/index.html http://www.lands.go.ke/index.html http://www.leatherdevelopmentcouncil.go.ke/index.html http://www.limurumunicipal.go.ke/index.html http://www.livestock.go.ke/index.html http://www.lodwarmunicipal.go.ke/index.html http://www.maraguacountycouncil.go.ke/index.html http://www.mariakanitown.go.ke/index.html http://www.maurestoration.go.ke/index.html http://www.migoricountycouncil.go.ke/index.html http://www.minesgeology.go.ke/index.html http://www.mirp.go.ke/index.html http://www.monitoring.go.ke/index.html http://www.moyalecountycouncil.go.ke/index.html http://www.murangacounty.go.ke http://www.murangamunicipal.go.ke http://www.nairobicity.go.ke http://www.naivashamunicipal.go.ke http://www.nakurucounty.go.ke http://www.nationaldisaster.go.ke http://www.nationalheritage.go.ke http://www.nccs.go.ke http://www.nec.go.ke http://www.northernkenya.go.ke http://www.nyandaruacountycouncil.go.ke http://www.othayatowncouncil.go.ke http://www.pec.go.ke http://www.pfmr.go.ke http://www.pghnyeri.go.ke http://www.pharmacy.go.ke http://www.prisons.go.ke http://www.psrpc.go.ke http://www.publichealth.go.ke http://www.publicservice.go.ke http://www.publicworks.go.ke http://www.reformskenya.go.ke http://www.refugees.go.ke http://www.regional-dev.go.ke http://www.roads.go.ke http://www.rprlgsp.go.ke http://www.scat.go.ke http://www.scienceandtechnology.go.ke http://www.singlewindow.go.ke http://www.sprogrammes.go.ke http://www.tabakatown.go.ke http://www.tanathi.go.ke http://www.tfdg.go.ke/index.html http://www.technologycentre.ac.ke http://www.theenergytribunal.go.ke http://www.thekenyawewant.go.ke http://www.thikamunicipal.go.ke http://www.transformingkenya.go.ke http://www.treasury.go.ke http://www.ugunjatown.go.ke http://www.ukwalatown.go.ke http://www.westernkenya.go.ke http://www.vihigamunicipal.go.ke http://www.works.go.ke http://www.youthaffairs.go.ke On 1/17/12, Harry Delano <harry@comtelsys.co.ke> wrote:
Mblayo,
Pse avail details, so that we can see where we can assist.
Meanwhile just to echo your sentiments, and re-quoting the British Education secretary a while back;
This "is a serious travesty given our heritage as the most creative nation in the world" - I mean, in E.A and beyond..!
Anyone doubting this need to start with MPESA to attest for themselves.
Am wringing my knuckles..
Harry
From: kictanet-bounces+harry=comtelsys.co.ke@lists.kictanet.or.ke [mailto:kictanet-bounces+harry=comtelsys.co.ke@lists.kictanet.or.ke] On Behalf Of Brian Munyao Longwe Sent: Tuesday, January 17, 2012 5:09 PM To: harry@comtelsys.co.ke Cc: KICTAnet ICT Policy Discussions Subject: [kictanet] Government website Hacking incident a crying shame
The fact that a student on a hacking/computer security course could hack into and deface more than 100 Government of Kenya websites in one night(!) is a crying shame. In addition to that, the fact that it seems all or most of these sites were hosted on a single server is a travesty of best practice.
Is it so difficult for GoK to invite (readily available) information security experts to design and implement a suitable online information framework for public government websites?
Shaking my head,
Brian
-- Brian Munyao Longwe e-mail: blongwe@gmail.com cell: +254715964281 blog : http://zinjlog.blogspot.com meta-blog: http://mashilingi.blogspot.com
-- Cheers, McTim "A name indicates what we seek. An address indicates where it is. A route indicates how we get there." Jon Postel _______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development. KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.