Government website Hacking incident a crying shame
The fact that a student on a hacking/computer security course could hack into and deface more than 100 Government of Kenya websites* in one night(!)*is a crying shame. In addition to that, the fact that it seems all or most of these sites were hosted on a single server is a travesty of best practice. Is it so difficult for GoK to invite (readily available) information security experts to design and implement a suitable online information framework for public government websites? Shaking my head, Brian -- Brian Munyao Longwe e-mail: blongwe@gmail.com cell: +254715964281 blog : http://zinjlog.blogspot.com meta-blog: http://mashilingi.blogspot.com
On Tue, Jan 17, 2012 at 17:09, Brian Munyao Longwe <blongwe@gmail.com>wrote:
The fact that a student on a hacking/computer security course could hack into and deface more than 100 Government of Kenya websites* in one night(!)* is a crying shame. In addition to that, the fact that it seems all or most of these sites were hosted on a single server is a travesty of best practice.
Is it so difficult for GoK to invite (readily available) information security experts to design and implement a suitable online information framework for public government websites?
Shaking my head,
@Brian, Where is the shame coming from? You don't work for gava, so I don't really understand what your share is in the shame. This is the govt!! Don't you know the govt? Seriously though, most of the websites are useless, IMHO. Did you hear anyone complain that a certain govt website is down and so they are unable to operate/discharge their duties? Let's cry for what is worth our tears. I am sure you do know that the govt has an ICT Directorate or something of the sort. Ask the boss to take iResposibility for this shame, please, and move on. It's so difficult to cure what ails govt. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I can't hear you -- I'm using the scrambler. Please consider the environment before printing this email.
Mblayo, Pse avail details, so that we can see where we can assist. Meanwhile just to echo your sentiments, and re-quoting the British Education secretary a while back; This "is a serious travesty given our heritage as the most creative nation in the world" - I mean, in E.A and beyond..! Anyone doubting this need to start with MPESA to attest for themselves. Am wringing my knuckles.. Harry From: kictanet-bounces+harry=comtelsys.co.ke@lists.kictanet.or.ke [mailto:kictanet-bounces+harry=comtelsys.co.ke@lists.kictanet.or.ke] On Behalf Of Brian Munyao Longwe Sent: Tuesday, January 17, 2012 5:09 PM To: harry@comtelsys.co.ke Cc: KICTAnet ICT Policy Discussions Subject: [kictanet] Government website Hacking incident a crying shame The fact that a student on a hacking/computer security course could hack into and deface more than 100 Government of Kenya websites in one night(!) is a crying shame. In addition to that, the fact that it seems all or most of these sites were hosted on a single server is a travesty of best practice. Is it so difficult for GoK to invite (readily available) information security experts to design and implement a suitable online information framework for public government websites? Shaking my head, Brian -- Brian Munyao Longwe e-mail: blongwe@gmail.com cell: +254715964281 blog : http://zinjlog.blogspot.com meta-blog: http://mashilingi.blogspot.com
http://code-security.net/archives/114 go.ke Websites in Kenya brought down. Whole list below. http://www.administrationpolice.go.ke/index.html http://www.aideffectiveness.go.ke/index.html http://www.bungomacounty.go.ke/index.html http://www.businesslicense.go.ke/index.html http://www.cak.go.ke/index.html http://www.commstaskforce.go.ke/index.html http://www.cooperative.go.ke/index.html http://www.crd.go.ke/index.html http://www.crisisrcentre.go.ke/index.html http://www.ditkenya.go.ke/index.html http://www.doshs.go.ke/index.html http://www.economicstimulus.go.ke/index.html http://www.eldoretmunicipal.go.ke/index.html http://www.emu.go.ke/index.html http://www.education.go.ke/index.html http://www.environment.go.ke/index.html http://www.filmservices.go.ke/index.html http://www.fisheries.go.ke/index.html http://www.forestryandwildlife.go.ke/index.html http://www.gender.go.ke/index.html http://www.governmentpress.go.ke/index.html http://www.greenenergy.go.ke/index.html http://www.housing.go.ke/index.html http://www.ifmis.go.ke/index.html http://www.immigration.go.ke/index.html http://www.industrialization.go.ke/index.html http://www.isc.go.ke/index.html http://www.iprs.go.ke/index.html http://www.itentambachtowncouncil.go.ke/index.html http://www.itmis.go.ke/index.html http://www.kenao.go.ke/index.html http://www.kapsabetmunicipal.go.ke/index.html http://www.kenyayearbook.go.ke/index.html http://www.kerugoyakutusmunicipal.go.ke/index.html http://www.kesi.go.ke/index.html http://www.kipi.go.ke/index.html http://www.kisumucountycouncil.go.ke/index.html http://www.kirinyagacountycouncil.go.ke/index.html http://www.kitalemunicipal.go.ke/index.html http://www.kituimunicipal.go.ke/index.html http://www.kkv.go.ke/index.html http://www.knfparms.go.ke/index.html http://www.knsdi.go.ke/index.html http://www.kntc.go.ke/index.html http://www.laikipiacountycouncil.go.ke/index.html http://www.lands.go.ke/index.html http://www.leatherdevelopmentcouncil.go.ke/index.html http://www.limurumunicipal.go.ke/index.html http://www.livestock.go.ke/index.html http://www.lodwarmunicipal.go.ke/index.html http://www.maraguacountycouncil.go.ke/index.html http://www.mariakanitown.go.ke/index.html http://www.maurestoration.go.ke/index.html http://www.migoricountycouncil.go.ke/index.html http://www.minesgeology.go.ke/index.html http://www.mirp.go.ke/index.html http://www.monitoring.go.ke/index.html http://www.moyalecountycouncil.go.ke/index.html http://www.murangacounty.go.ke http://www.murangamunicipal.go.ke http://www.nairobicity.go.ke http://www.naivashamunicipal.go.ke http://www.nakurucounty.go.ke http://www.nationaldisaster.go.ke http://www.nationalheritage.go.ke http://www.nccs.go.ke http://www.nec.go.ke http://www.northernkenya.go.ke http://www.nyandaruacountycouncil.go.ke http://www.othayatowncouncil.go.ke http://www.pec.go.ke http://www.pfmr.go.ke http://www.pghnyeri.go.ke http://www.pharmacy.go.ke http://www.prisons.go.ke http://www.psrpc.go.ke http://www.publichealth.go.ke http://www.publicservice.go.ke http://www.publicworks.go.ke http://www.reformskenya.go.ke http://www.refugees.go.ke http://www.regional-dev.go.ke http://www.roads.go.ke http://www.rprlgsp.go.ke http://www.scat.go.ke http://www.scienceandtechnology.go.ke http://www.singlewindow.go.ke http://www.sprogrammes.go.ke http://www.tabakatown.go.ke http://www.tanathi.go.ke http://www.tfdg.go.ke/index.html http://www.technologycentre.ac.ke http://www.theenergytribunal.go.ke http://www.thekenyawewant.go.ke http://www.thikamunicipal.go.ke http://www.transformingkenya.go.ke http://www.treasury.go.ke http://www.ugunjatown.go.ke http://www.ukwalatown.go.ke http://www.westernkenya.go.ke http://www.vihigamunicipal.go.ke http://www.works.go.ke http://www.youthaffairs.go.ke On 1/17/12, Harry Delano <harry@comtelsys.co.ke> wrote:
Mblayo,
Pse avail details, so that we can see where we can assist.
Meanwhile just to echo your sentiments, and re-quoting the British Education secretary a while back;
This "is a serious travesty given our heritage as the most creative nation in the world" - I mean, in E.A and beyond..!
Anyone doubting this need to start with MPESA to attest for themselves.
Am wringing my knuckles..
Harry
From: kictanet-bounces+harry=comtelsys.co.ke@lists.kictanet.or.ke [mailto:kictanet-bounces+harry=comtelsys.co.ke@lists.kictanet.or.ke] On Behalf Of Brian Munyao Longwe Sent: Tuesday, January 17, 2012 5:09 PM To: harry@comtelsys.co.ke Cc: KICTAnet ICT Policy Discussions Subject: [kictanet] Government website Hacking incident a crying shame
The fact that a student on a hacking/computer security course could hack into and deface more than 100 Government of Kenya websites in one night(!) is a crying shame. In addition to that, the fact that it seems all or most of these sites were hosted on a single server is a travesty of best practice.
Is it so difficult for GoK to invite (readily available) information security experts to design and implement a suitable online information framework for public government websites?
Shaking my head,
Brian
-- Brian Munyao Longwe e-mail: blongwe@gmail.com cell: +254715964281 blog : http://zinjlog.blogspot.com meta-blog: http://mashilingi.blogspot.com
-- Cheers, McTim "A name indicates what we seek. An address indicates where it is. A route indicates how we get there." Jon Postel
Wah...! Thanks McTim... Indeed a random check on a number of the websites, zero in on a single IP address.. Was hosting single-sourced...? What happened..? Is Directorate represented here..? Harry -----Original Message----- From: McTim [mailto:dogwallah@gmail.com] Sent: Tuesday, January 17, 2012 5:38 PM To: harry@comtelsys.co.ke Cc: KICTAnet ICT Policy Discussions Subject: Re: [kictanet] Government website Hacking incident a crying shame http://code-security.net/archives/114 go.ke Websites in Kenya brought down. Whole list below. http://www.administrationpolice.go.ke/index.html http://www.aideffectiveness.go.ke/index.html http://www.bungomacounty.go.ke/index.html http://www.businesslicense.go.ke/index.html http://www.cak.go.ke/index.html http://www.commstaskforce.go.ke/index.html http://www.cooperative.go.ke/index.html http://www.crd.go.ke/index.html http://www.crisisrcentre.go.ke/index.html http://www.ditkenya.go.ke/index.html http://www.doshs.go.ke/index.html http://www.economicstimulus.go.ke/index.html http://www.eldoretmunicipal.go.ke/index.html http://www.emu.go.ke/index.html http://www.education.go.ke/index.html http://www.environment.go.ke/index.html http://www.filmservices.go.ke/index.html http://www.fisheries.go.ke/index.html http://www.forestryandwildlife.go.ke/index.html http://www.gender.go.ke/index.html http://www.governmentpress.go.ke/index.html http://www.greenenergy.go.ke/index.html http://www.housing.go.ke/index.html http://www.ifmis.go.ke/index.html http://www.immigration.go.ke/index.html http://www.industrialization.go.ke/index.html http://www.isc.go.ke/index.html http://www.iprs.go.ke/index.html http://www.itentambachtowncouncil.go.ke/index.html http://www.itmis.go.ke/index.html http://www.kenao.go.ke/index.html http://www.kapsabetmunicipal.go.ke/index.html http://www.kenyayearbook.go.ke/index.html http://www.kerugoyakutusmunicipal.go.ke/index.html http://www.kesi.go.ke/index.html http://www.kipi.go.ke/index.html http://www.kisumucountycouncil.go.ke/index.html http://www.kirinyagacountycouncil.go.ke/index.html http://www.kitalemunicipal.go.ke/index.html http://www.kituimunicipal.go.ke/index.html http://www.kkv.go.ke/index.html http://www.knfparms.go.ke/index.html http://www.knsdi.go.ke/index.html http://www.kntc.go.ke/index.html http://www.laikipiacountycouncil.go.ke/index.html http://www.lands.go.ke/index.html http://www.leatherdevelopmentcouncil.go.ke/index.html http://www.limurumunicipal.go.ke/index.html http://www.livestock.go.ke/index.html http://www.lodwarmunicipal.go.ke/index.html http://www.maraguacountycouncil.go.ke/index.html http://www.mariakanitown.go.ke/index.html http://www.maurestoration.go.ke/index.html http://www.migoricountycouncil.go.ke/index.html http://www.minesgeology.go.ke/index.html http://www.mirp.go.ke/index.html http://www.monitoring.go.ke/index.html http://www.moyalecountycouncil.go.ke/index.html http://www.murangacounty.go.ke http://www.murangamunicipal.go.ke http://www.nairobicity.go.ke http://www.naivashamunicipal.go.ke http://www.nakurucounty.go.ke http://www.nationaldisaster.go.ke http://www.nationalheritage.go.ke http://www.nccs.go.ke http://www.nec.go.ke http://www.northernkenya.go.ke http://www.nyandaruacountycouncil.go.ke http://www.othayatowncouncil.go.ke http://www.pec.go.ke http://www.pfmr.go.ke http://www.pghnyeri.go.ke http://www.pharmacy.go.ke http://www.prisons.go.ke http://www.psrpc.go.ke http://www.publichealth.go.ke http://www.publicservice.go.ke http://www.publicworks.go.ke http://www.reformskenya.go.ke http://www.refugees.go.ke http://www.regional-dev.go.ke http://www.roads.go.ke http://www.rprlgsp.go.ke http://www.scat.go.ke http://www.scienceandtechnology.go.ke http://www.singlewindow.go.ke http://www.sprogrammes.go.ke http://www.tabakatown.go.ke http://www.tanathi.go.ke http://www.tfdg.go.ke/index.html http://www.technologycentre.ac.ke http://www.theenergytribunal.go.ke http://www.thekenyawewant.go.ke http://www.thikamunicipal.go.ke http://www.transformingkenya.go.ke http://www.treasury.go.ke http://www.ugunjatown.go.ke http://www.ukwalatown.go.ke http://www.westernkenya.go.ke http://www.vihigamunicipal.go.ke http://www.works.go.ke http://www.youthaffairs.go.ke On 1/17/12, Harry Delano <harry@comtelsys.co.ke> wrote:
Mblayo,
Pse avail details, so that we can see where we can assist.
Meanwhile just to echo your sentiments, and re-quoting the British Education secretary a while back;
This "is a serious travesty given our heritage as the most creative nation in the world" - I mean, in E.A and beyond..!
Anyone doubting this need to start with MPESA to attest for themselves.
Am wringing my knuckles..
Harry
From: kictanet-bounces+harry=comtelsys.co.ke@lists.kictanet.or.ke [mailto:kictanet-bounces+harry=comtelsys.co.ke@lists.kictanet.or.ke] On Behalf Of Brian Munyao Longwe Sent: Tuesday, January 17, 2012 5:09 PM To: harry@comtelsys.co.ke Cc: KICTAnet ICT Policy Discussions Subject: [kictanet] Government website Hacking incident a crying shame
The fact that a student on a hacking/computer security course could hack into and deface more than 100 Government of Kenya websites in one night(!) is a crying shame. In addition to that, the fact that it seems all or most of these sites were hosted on a single server is a travesty of best practice.
Is it so difficult for GoK to invite (readily available) information security experts to design and implement a suitable online information framework for public government websites?
Shaking my head,
Brian
-- Brian Munyao Longwe e-mail: blongwe@gmail.com cell: +254715964281 blog : http://zinjlog.blogspot.com meta-blog: http://mashilingi.blogspot.com
-- Cheers, McTim "A name indicates what we seek. An address indicates where it is. A route indicates how we get there." Jon Postel
@ Wash, true - not so critical data maybe on these site. HOWEVER, I join Mblayo in taking the shame because it is matter of time before critical data seats on these platforms/cloud. And if we can protect our entry level websites, then who knows who will protect our serious data in the near future... It is one thing to be brought down - it happens even to US DoD (military). It quite another to stay down - 12hrs and still counting? Vincent and Company @ CCK, arent we paying you public chums to run the National CSIRT protect our cyberspace? Or maybe we should get NSIS to blame? Either way I want my refund ;-) walu. --- On Tue, 1/17/12, McTim <dogwallah@gmail.com> wrote: From: McTim <dogwallah@gmail.com> Subject: Re: [kictanet] Government website Hacking incident a crying shame To: jwalu@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Tuesday, January 17, 2012, 5:37 PM http://code-security.net/archives/114 go.ke Websites in Kenya brought down. Whole list below. http://www.administrationpolice.go.ke/index.html http://www.aideffectiveness.go.ke/index.html http://www.bungomacounty.go.ke/index.html http://www.businesslicense.go.ke/index.html http://www.cak.go.ke/index.html http://www.commstaskforce.go.ke/index.html http://www.cooperative.go.ke/index.html http://www.crd.go.ke/index.html http://www.crisisrcentre.go.ke/index.html http://www.ditkenya.go.ke/index.html http://www.doshs.go.ke/index.html http://www.economicstimulus.go.ke/index.html http://www.eldoretmunicipal.go.ke/index.html http://www.emu.go.ke/index.html http://www.education.go.ke/index.html http://www.environment.go.ke/index.html http://www.filmservices.go.ke/index.html http://www.fisheries.go.ke/index.html http://www.forestryandwildlife.go.ke/index.html http://www.gender.go.ke/index.html http://www.governmentpress.go.ke/index.html http://www.greenenergy.go.ke/index.html http://www.housing.go.ke/index.html http://www.ifmis.go.ke/index.html http://www.immigration.go.ke/index.html http://www.industrialization.go.ke/index.html http://www.isc.go.ke/index.html http://www.iprs.go.ke/index.html http://www.itentambachtowncouncil.go.ke/index.html http://www.itmis.go.ke/index.html http://www.kenao.go.ke/index.html http://www.kapsabetmunicipal.go.ke/index.html http://www.kenyayearbook.go.ke/index.html http://www.kerugoyakutusmunicipal.go.ke/index.html http://www.kesi.go.ke/index.html http://www.kipi.go.ke/index.html http://www.kisumucountycouncil.go.ke/index.html http://www.kirinyagacountycouncil.go.ke/index.html http://www.kitalemunicipal.go.ke/index.html http://www.kituimunicipal.go.ke/index.html http://www.kkv.go.ke/index.html http://www.knfparms.go.ke/index.html http://www.knsdi.go.ke/index.html http://www.kntc.go.ke/index.html http://www.laikipiacountycouncil.go.ke/index.html http://www.lands.go.ke/index.html http://www.leatherdevelopmentcouncil.go.ke/index.html http://www.limurumunicipal.go.ke/index.html http://www.livestock.go.ke/index.html http://www.lodwarmunicipal.go.ke/index.html http://www.maraguacountycouncil.go.ke/index.html http://www.mariakanitown.go.ke/index.html http://www.maurestoration.go.ke/index.html http://www.migoricountycouncil.go.ke/index.html http://www.minesgeology.go.ke/index.html http://www.mirp.go.ke/index.html http://www.monitoring.go.ke/index.html http://www.moyalecountycouncil.go.ke/index.html http://www.murangacounty.go.ke http://www.murangamunicipal.go.ke http://www.nairobicity.go.ke http://www.naivashamunicipal.go.ke http://www.nakurucounty.go.ke http://www.nationaldisaster.go.ke http://www.nationalheritage.go.ke http://www.nccs.go.ke http://www.nec.go.ke http://www.northernkenya.go.ke http://www.nyandaruacountycouncil.go.ke http://www.othayatowncouncil.go.ke http://www.pec.go.ke http://www.pfmr.go.ke http://www.pghnyeri.go.ke http://www.pharmacy.go.ke http://www.prisons.go.ke http://www.psrpc.go.ke http://www.publichealth.go.ke http://www.publicservice.go.ke http://www.publicworks.go.ke http://www.reformskenya.go.ke http://www.refugees.go.ke http://www.regional-dev.go.ke http://www.roads.go.ke http://www.rprlgsp.go.ke http://www.scat.go.ke http://www.scienceandtechnology.go.ke http://www.singlewindow.go.ke http://www.sprogrammes.go.ke http://www.tabakatown.go.ke http://www.tanathi.go.ke http://www.tfdg.go.ke/index.html http://www.technologycentre.ac.ke http://www.theenergytribunal.go.ke http://www.thekenyawewant.go.ke http://www.thikamunicipal.go.ke http://www.transformingkenya.go.ke http://www.treasury.go.ke http://www.ugunjatown.go.ke http://www.ukwalatown.go.ke http://www.westernkenya.go.ke http://www.vihigamunicipal.go.ke http://www.works.go.ke http://www.youthaffairs.go.ke On 1/17/12, Harry Delano <harry@comtelsys.co.ke> wrote:
Mblayo,
Pse avail details, so that we can see where we can assist.
Meanwhile just to echo your sentiments, and re-quoting the British Education secretary a while back;
This "is a serious travesty given our heritage as the most creative nation in the world" - I mean, in E.A and beyond..!
Anyone doubting this need to start with MPESA to attest for themselves.
Am wringing my knuckles..
Harry
From: kictanet-bounces+harry=comtelsys.co.ke@lists.kictanet.or.ke [mailto:kictanet-bounces+harry=comtelsys.co.ke@lists.kictanet.or.ke] On Behalf Of Brian Munyao Longwe Sent: Tuesday, January 17, 2012 5:09 PM To: harry@comtelsys.co.ke Cc: KICTAnet ICT Policy Discussions Subject: [kictanet] Government website Hacking incident a crying shame
The fact that a student on a hacking/computer security course could hack into and deface more than 100 Government of Kenya websites in one night(!) is a crying shame. In addition to that, the fact that it seems all or most of these sites were hosted on a single server is a travesty of best practice.
Is it so difficult for GoK to invite (readily available) information security experts to design and implement a suitable online information framework for public government websites?
Shaking my head,
Brian
-- Brian Munyao Longwe e-mail: blongwe@gmail.com cell: +254715964281 blog : http://zinjlog.blogspot.com meta-blog: http://mashilingi.blogspot.com
-- Cheers, McTim "A name indicates what we seek. An address indicates where it is. A route indicates how we get there." Jon Postel _______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development. KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
This goes beyond government: eg its not unheard of for a company/govt to spend money on a data center or other infrastructure, then outsource the very services that should be in that DC to some US/foreign company for quick bucks, or because it makes 'sense'. - Our users take up a service, the log files are shipped to the 'cloud', we read about Kenyan statistics from some foreigner just because no one analyses it here, oh and you have no access to it. Today facebook can tell you all manner of things about our habits, ditto google. We then go buy trend reports. I've spent countless hrs trying to convince someone at work that 'raw data and log files' are a raw material of immense value. - a trend thats seeing alot of foreign funding for technology startups will probably see more 'profits' flying away while a couple of Kenyans with money can't/don't want to/don't know how to take advantage of the said opportunities. - Regionally quite a number of people look up to us to show the way forward. However in all these problems, Im seeing a trend where things keep improving - slowly. And yes cyber security is going to be a challenge but we can get through it if the affected people talk to the right people. Im also happy with that. And to be fair I've not done much to improve things so far. Gitau On Tue, Jan 17, 2012 at 5:55 PM, Walubengo J <jwalu@yahoo.com> wrote:
@ Wash,
true - not so critical data maybe on these site. HOWEVER, I join Mblayo in taking the shame because it is matter of time before critical data seats on these platforms/cloud. And if we can protect our entry level websites, then who knows who will protect our serious data in the near future...
It is one thing to be brought down - it happens even to US DoD (military). It quite another to stay down - 12hrs and still counting?
Vincent and Company @ CCK, arent we paying you public chums to run the National CSIRT protect our cyberspace? Or maybe we should get NSIS to blame? Either way I want my refund ;-)
walu.
--- On *Tue, 1/17/12, McTim <dogwallah@gmail.com>* wrote:
From: McTim <dogwallah@gmail.com>
Subject: Re: [kictanet] Government website Hacking incident a crying shame To: jwalu@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Tuesday, January 17, 2012, 5:37 PM
http://code-security.net/archives/114
go.ke Websites in Kenya brought down.
Whole list below.
http://www.administrationpolice.go.ke/index.html
http://www.aideffectiveness.go.ke/index.html
http://www.bungomacounty.go.ke/index.html
http://www.businesslicense.go.ke/index.html
http://www.cak.go.ke/index.html
http://www.commstaskforce.go.ke/index.html
http://www.cooperative.go.ke/index.html
http://www.crd.go.ke/index.html
http://www.crisisrcentre.go.ke/index.html
http://www.ditkenya.go.ke/index.html
http://www.doshs.go.ke/index.html
http://www.economicstimulus.go.ke/index.html
http://www.eldoretmunicipal.go.ke/index.html
http://www.emu.go.ke/index.html
http://www.education.go.ke/index.html
http://www.environment.go.ke/index.html
http://www.filmservices.go.ke/index.html
http://www.fisheries.go.ke/index.html
http://www.forestryandwildlife.go.ke/index.html
http://www.gender.go.ke/index.html
http://www.governmentpress.go.ke/index.html
http://www.greenenergy.go.ke/index.html
http://www.housing.go.ke/index.html
http://www.ifmis.go.ke/index.html
http://www.immigration.go.ke/index.html
http://www.industrialization.go.ke/index.html
http://www.isc.go.ke/index.html
http://www.iprs.go.ke/index.html
http://www.itentambachtowncouncil.go.ke/index.html
http://www.itmis.go.ke/index.html
http://www.kenao.go.ke/index.html
http://www.kapsabetmunicipal.go.ke/index.html
http://www.kenyayearbook.go.ke/index.html
http://www.kerugoyakutusmunicipal.go.ke/index.html
http://www.kesi.go.ke/index.html
http://www.kipi.go.ke/index.html
http://www.kisumucountycouncil.go.ke/index.html
http://www.kirinyagacountycouncil.go.ke/index.html
http://www.kitalemunicipal.go.ke/index.html
http://www.kituimunicipal.go.ke/index.html
http://www.kkv.go.ke/index.html
http://www.knfparms.go.ke/index.html
http://www.knsdi.go.ke/index.html
http://www.kntc.go.ke/index.html
http://www.laikipiacountycouncil.go.ke/index.html
http://www.lands.go.ke/index.html
http://www.leatherdevelopmentcouncil.go.ke/index.html
http://www.limurumunicipal.go.ke/index.html
http://www.livestock.go.ke/index.html
http://www.lodwarmunicipal.go.ke/index.html
http://www.maraguacountycouncil.go.ke/index.html
http://www.mariakanitown.go.ke/index.html
http://www.maurestoration.go.ke/index.html
http://www.migoricountycouncil.go.ke/index.html
http://www.minesgeology.go.ke/index.html
http://www.mirp.go.ke/index.html
http://www.monitoring.go.ke/index.html
http://www.moyalecountycouncil.go.ke/index.html
http://www.murangacounty.go.ke
http://www.murangamunicipal.go.ke
http://www.naivashamunicipal.go.ke
http://www.nationaldisaster.go.ke
http://www.nationalheritage.go.ke
http://www.northernkenya.go.ke
http://www.nyandaruacountycouncil.go.ke
http://www.othayatowncouncil.go.ke
http://www.publicservice.go.ke
http://www.scienceandtechnology.go.ke
http://www.tfdg.go.ke/index.html
http://www.technologycentre.ac.ke
http://www.theenergytribunal.go.ke
http://www.thekenyawewant.go.ke
http://www.thikamunicipal.go.ke
http://www.transformingkenya.go.ke
http://www.vihigamunicipal.go.ke
On 1/17/12, Harry Delano <harry@comtelsys.co.ke<http://mc/compose?to=harry@comtelsys.co.ke>> wrote:
Mblayo,
Pse avail details, so that we can see where we can assist.
Meanwhile just to echo your sentiments, and re-quoting the British Education secretary a while back;
This "is a serious travesty given our heritage as the most creative nation in the world" - I mean, in E.A and beyond..!
Anyone doubting this need to start with MPESA to attest for themselves.
Am wringing my knuckles..
Harry
From: kictanet-bounces+harry=comtelsys.co.ke@lists.kictanet.or.ke<http://mc/compose?to=comtelsys.co.ke@lists.kictanet.or.ke> [mailto:kictanet-bounces+harry=comtelsys.co.ke@lists.kictanet.or.ke<http://mc/compose?to=comtelsys.co.ke@lists.kictanet.or.ke>] On Behalf Of Brian Munyao Longwe Sent: Tuesday, January 17, 2012 5:09 PM To: harry@comtelsys.co.ke <http://mc/compose?to=harry@comtelsys.co.ke> Cc: KICTAnet ICT Policy Discussions Subject: [kictanet] Government website Hacking incident a crying shame
The fact that a student on a hacking/computer security course could hack into and deface more than 100 Government of Kenya websites in one night(!) is a crying shame. In addition to that, the fact that it seems all or most of these sites were hosted on a single server is a travesty of best practice.
Is it so difficult for GoK to invite (readily available) information security experts to design and implement a suitable online information framework for public government websites?
Shaking my head,
Brian
-- Brian Munyao Longwe e-mail: blongwe@gmail.com <http://mc/compose?to=blongwe@gmail.com> cell: +254715964281 blog : http://zinjlog.blogspot.com meta-blog: http://mashilingi.blogspot.com
-- Cheers,
McTim "A name indicates what we seek. An address indicates where it is. A route indicates how we get there." Jon Postel
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke<http://mc/compose?to=kictanet@lists.kictanet.or.ke> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/jgitau%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-- **Gitau
@ Wash, true - not so critical data maybe on these site. HOWEVER, I join Mblayo in taking the shame because it is matter of time before critical data seats on these platforms/cloud. And if we can protect our entry level websites, then who knows who will protect our serious data in the near future... It is one thing to be brought down - it happens even to US DoD (military) sites. It is quite another to stay down - 12hrs and still counting? Vincent and Company @ CCK, arent we paying you good public chums to run the National CSIRT protect our cyberspace? Or maybe we should get NSIS to blame? Either way I want my refund ;-) walu. --- On Tue, 1/17/12, McTim <dogwallah@gmail.com> wrote: From: McTim <dogwallah@gmail.com> Subject: Re: [kictanet] Government website Hacking incident a crying shame To: jwalu@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Tuesday, January 17, 2012, 5:37 PM http://code-security.net/archives/114 go.ke Websites in Kenya brought down. Whole list below. http://www.administrationpolice.go.ke/index.html http://www.aideffectiveness.go.ke/index.html http://www.bungomacounty.go.ke/index.html http://www.businesslicense.go.ke/index.html http://www.cak.go.ke/index.html http://www.commstaskforce.go.ke/index.html http://www.cooperative.go.ke/index.html http://www.crd.go.ke/index.html http://www.crisisrcentre.go.ke/index.html http://www.ditkenya.go.ke/index.html http://www.doshs.go.ke/index.html http://www.economicstimulus.go.ke/index.html http://www.eldoretmunicipal.go.ke/index.html http://www.emu.go.ke/index.html http://www.education.go.ke/index.html http://www.environment.go.ke/index.html http://www.filmservices.go.ke/index.html http://www.fisheries.go.ke/index.html http://www.forestryandwildlife.go.ke/index.html http://www.gender.go.ke/index.html http://www.governmentpress.go.ke/index.html http://www.greenenergy.go.ke/index.html http://www.housing.go.ke/index.html http://www.ifmis.go.ke/index.html http://www.immigration.go.ke/index.html http://www.industrialization.go.ke/index.html http://www.isc.go.ke/index.html http://www.iprs.go.ke/index.html http://www.itentambachtowncouncil.go.ke/index.html http://www.itmis.go.ke/index.html http://www.kenao.go.ke/index.html http://www.kapsabetmunicipal.go.ke/index.html http://www.kenyayearbook.go.ke/index.html http://www.kerugoyakutusmunicipal.go.ke/index.html http://www.kesi.go.ke/index.html http://www.kipi.go.ke/index.html http://www.kisumucountycouncil.go.ke/index.html http://www.kirinyagacountycouncil.go.ke/index.html http://www.kitalemunicipal.go.ke/index.html http://www.kituimunicipal.go.ke/index.html http://www.kkv.go.ke/index.html http://www.knfparms.go.ke/index.html http://www.knsdi.go.ke/index.html http://www.kntc.go.ke/index.html http://www.laikipiacountycouncil.go.ke/index.html http://www.lands.go.ke/index.html http://www.leatherdevelopmentcouncil.go.ke/index.html http://www.limurumunicipal.go.ke/index.html http://www.livestock.go.ke/index.html http://www.lodwarmunicipal.go.ke/index.html http://www.maraguacountycouncil.go.ke/index.html http://www.mariakanitown.go.ke/index.html http://www.maurestoration.go.ke/index.html http://www.migoricountycouncil.go.ke/index.html http://www.minesgeology.go.ke/index.html http://www.mirp.go.ke/index.html http://www.monitoring.go.ke/index.html http://www.moyalecountycouncil.go.ke/index.html http://www.murangacounty.go.ke http://www.murangamunicipal.go.ke http://www.nairobicity.go.ke http://www.naivashamunicipal.go.ke http://www.nakurucounty.go.ke http://www.nationaldisaster.go.ke http://www.nationalheritage.go.ke http://www.nccs.go.ke http://www.nec.go.ke http://www.northernkenya.go.ke http://www.nyandaruacountycouncil.go.ke http://www.othayatowncouncil.go.ke http://www.pec.go.ke http://www.pfmr.go.ke http://www.pghnyeri.go.ke http://www.pharmacy.go.ke http://www.prisons.go.ke http://www.psrpc.go.ke http://www.publichealth.go.ke http://www.publicservice.go.ke http://www.publicworks.go.ke http://www.reformskenya.go.ke http://www.refugees.go.ke http://www.regional-dev.go.ke http://www.roads.go.ke http://www.rprlgsp.go.ke http://www.scat.go.ke http://www.scienceandtechnology.go.ke http://www.singlewindow.go.ke http://www.sprogrammes.go.ke http://www.tabakatown.go.ke http://www.tanathi.go.ke http://www.tfdg.go.ke/index.html http://www.technologycentre.ac.ke http://www.theenergytribunal.go.ke http://www.thekenyawewant.go.ke http://www.thikamunicipal.go.ke http://www.transformingkenya.go.ke http://www.treasury.go.ke http://www.ugunjatown.go.ke http://www.ukwalatown.go.ke http://www.westernkenya.go.ke http://www.vihigamunicipal.go.ke http://www.works.go.ke http://www.youthaffairs.go.ke On 1/17/12, Harry Delano <harry@comtelsys.co.ke> wrote:
Mblayo,
Pse avail details, so that we can see where we can assist.
Meanwhile just to echo your sentiments, and re-quoting the British Education secretary a while back;
This "is a serious travesty given our heritage as the most creative nation in the world" - I mean, in E.A and beyond..!
Anyone doubting this need to start with MPESA to attest for themselves.
Am wringing my knuckles..
Harry
From: kictanet-bounces+harry=comtelsys.co.ke@lists.kictanet.or.ke [mailto:kictanet-bounces+harry=comtelsys.co.ke@lists.kictanet.or.ke] On Behalf Of Brian Munyao Longwe Sent: Tuesday, January 17, 2012 5:09 PM To: harry@comtelsys.co.ke Cc: KICTAnet ICT Policy Discussions Subject: [kictanet] Government website Hacking incident a crying shame
The fact that a student on a hacking/computer security course could hack into and deface more than 100 Government of Kenya websites in one night(!) is a crying shame. In addition to that, the fact that it seems all or most of these sites were hosted on a single server is a travesty of best practice.
Is it so difficult for GoK to invite (readily available) information security experts to design and implement a suitable online information framework for public government websites?
Shaking my head,
Brian
-- Brian Munyao Longwe e-mail: blongwe@gmail.com cell: +254715964281 blog : http://zinjlog.blogspot.com meta-blog: http://mashilingi.blogspot.com
-- Cheers, McTim "A name indicates what we seek. An address indicates where it is. A route indicates how we get there." Jon Postel _______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development. KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
Do the people charged with maintaining these websites diligent enough to upgrade the JOOMLA code when new security updates are released? Can we have a government paper on which FLOSS CMS can be used on government websites, and how often they are upgraded? IF 50% of these government institutions are ISO certified, and they pledge to maintaining managable Quality Systems, are we saying that the ISO certification is a sharm, and KEBS, SGS et-al are doing a bogus job? Just unthinking loud -- ______________________ Mwendwa Kivuva For Business Development Transworld Computer Channels Cel: 0722402248 twitter.com/lordmwesh transworldAfrica.com | Fluent in computing kenya.or.ke | The Kenya we know
Thanks for the news Brian. This is a big shame for all Kenyans that our Government sites can be hacked by a simpleton. It is important to establish who in the maze of ICT Governance in the Government is responsible for Government sites and what coordination there is between different agencies and ministries. Are there appropriate ICT Policies in place covering areas such as Hosting Policy, Server Back-up Policy, etc? Is there regular ICT Audit of Government systems and methods to ensure that they conform to recognised standards and are acceptably safe and secure? Some learning should come out of this incident. On Tue, Jan 17, 2012, at 04:09 PM, Brian Munyao Longwe wrote: The fact that a student on a hacking/computer security course could hack into and deface more than 100 Government of Kenya websites in one night(!) is a crying shame. In addition to that, the fact that it seems all or most of these sites were hosted on a single server is a travesty of best practice. Is it so difficult for GoK to invite (readily available) information security experts to design and implement a suitable online information framework for public government websites? Shaking my head, Brian -- Brian Munyao Longwe e-mail: [1]blongwe@gmail.com cell: +254715964281 blog : [2]http://zinjlog.blogspot.com meta-blog: [3]http://mashilingi.blogspot.com _______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/ options/kictanet/emailsignet%40mailcan.com The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform fo r people and institutions interested and involved in ICT policy and regula tion. The network aims to act as a catalyst for reform in the ICT sector i n support of the national aim of ICT enabled growth and development. KICTANetiquette : Adhere to the same standards of acceptable behaviors onl ine that you follow in real life: respect people's times and bandwidth, sh are knowledge, don't flame or abuse or personalize, respect privacy, do no t spam, do not market your wares or qualifications. References 1. mailto:blongwe@gmail.com 2. http://zinjlog.blogspot.com/ 3. http://mashilingi.blogspot.com/
True that Dr. Siganga, we probably need the broad principles and practices of www.isaca.org after all. walu. --- On Tue, 1/17/12, waudo siganga <emailsignet@mailcan.com> wrote: From: waudo siganga <emailsignet@mailcan.com> Subject: Re: [kictanet] Government website Hacking incident a crying shame To: jwalu@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Tuesday, January 17, 2012, 6:42 PM Thanks for the news Brian. This is a big shame for all Kenyans that our Government sites can be hacked by a simpleton. It is important to establish who in the maze of ICT Governance in the Government is responsible for Government sites and what coordination there is between different agencies and ministries. Are there appropriate ICT Policies in place covering areas such as Hosting Policy, Server Back-up Policy, etc? Is there regular ICT Audit of Government systems and methods to ensure that they conform to recognised standards and are acceptably safe and secure? Some learning should come out of this incident. On Tue, Jan 17, 2012, at 04:09 PM, Brian Munyao Longwe wrote: The fact that a student on a hacking/computer security course could hack into and deface more than 100 Government of Kenya websites in one night(!) is a crying shame. In addition to that, the fact that it seems all or most of these sites were hosted on a single server is a travesty of best practice. Is it so difficult for GoK to invite (readily available) information security experts to design and implement a suitable online information framework for public government websites? Shaking my head, Brian -- Brian Munyao Longwe e-mail: blongwe@gmail.com cell: +254715964281 blog : http://zinjlog.blogspot.com meta-blog: http://mashilingi.blogspot.com _______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/emailsignet%40mailcan.c... The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development. KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications. -----Inline Attachment Follows----- _______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development. KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
am totally, impressed....someone needs to give this guy a job, the CERT, team? Kind Regards, “To live is to choose. But to choose well, you must know who you are and what you stand for, where you want to go and why you want to get there.” Kofi Annan On Tue, Jan 17, 2012 at 6:48 PM, Walubengo J <jwalu@yahoo.com> wrote:
True that Dr. Siganga,
we probably need the broad principles and practices of www.isaca.orgafter all.
walu.
--- On *Tue, 1/17/12, waudo siganga <emailsignet@mailcan.com>* wrote:
From: waudo siganga <emailsignet@mailcan.com>
Subject: Re: [kictanet] Government website Hacking incident a crying shame To: jwalu@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Tuesday, January 17, 2012, 6:42 PM
Thanks for the news Brian. This is a big shame for all Kenyans that our Government sites can be hacked by a simpleton. It is important to establish who in the maze of ICT Governance in the Government is responsible for Government sites and what coordination there is between different agencies and ministries. Are there appropriate ICT Policies in place covering areas such as Hosting Policy, Server Back-up Policy, etc? Is there regular ICT Audit of Government systems and methods to ensure that they conform to recognised standards and are acceptably safe and secure? Some learning should come out of this incident.
On Tue, Jan 17, 2012, at 04:09 PM, Brian Munyao Longwe wrote:
The fact that a student on a hacking/computer security course could hack into and deface more than 100 Government of Kenya websites in one night(!)is a crying shame. In addition to that, the fact that it seems all or most of these sites were hosted on a single server is a travesty of best practice.
Is it so difficult for GoK to invite (readily available) information security experts to design and implement a suitable online information framework for public government websites?
Shaking my head,
Brian
-- Brian Munyao Longwe e-mail: blongwe@gmail.com <http://mc/compose?to=blongwe@gmail.com> cell: +254715964281 blog : http://zinjlog.blogspot.com meta-blog: http://mashilingi.blogspot.com
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/emailsignet%40mailcan.c...
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-----Inline Attachment Follows-----
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke<http://mc/compose?to=kictanet@lists.kictanet.or.ke> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/judyokite%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
I remember being approached way back in 2002, just after I had set up KIXP by some tech guru from an Eastern European country's embassy here in Kenya, wanting to find out how they could access ISPs (ostensibly for their intelligence activities, though he didn't say as much). My response was a flat, "please conduct your business through the appropriate government and diplomatic channels". It scares me to think how much of our confidential information is in the hands of foreign govts who have top notch security professionals on their payroll if such a 'simpleton' can actually break into the server hosting the majority of our govts public websites. Once again I call for a proper information security policy framework and associated interventions to ensure that we are on solid ground when it comes to data and information resource protection. Come on guys - we are probably the most connected country in the continent with the number of optical fibers (and bandwidth) landing into our borders and the levels of internal infrastructure, let us face the stark reality that these huge information highways carry good as well as bad traffic and do what is necessary to protect against external and internal threats. Still shaking my head, Brian On Tue, Jan 17, 2012 at 5:42 PM, waudo siganga <emailsignet@mailcan.com>wrote:
Thanks for the news Brian. This is a big shame for all Kenyans that our Government sites can be hacked by a simpleton. It is important to establish who in the maze of ICT Governance in the Government is responsible for Government sites and what coordination there is between different agencies and ministries. Are there appropriate ICT Policies in place covering areas such as Hosting Policy, Server Back-up Policy, etc? Is there regular ICT Audit of Government systems and methods to ensure that they conform to recognised standards and are acceptably safe and secure? Some learning should come out of this incident.
On Tue, Jan 17, 2012, at 04:09 PM, Brian Munyao Longwe wrote:
The fact that a student on a hacking/computer security course could hack into and deface more than 100 Government of Kenya websites in one night(!)is a crying shame. In addition to that, the fact that it seems all or most of these sites were hosted on a single server is a travesty of best practice.
Is it so difficult for GoK to invite (readily available) information security experts to design and implement a suitable online information framework for public government websites?
Shaking my head,
Brian
-- Brian Munyao Longwe e-mail: blongwe@gmail.com cell: +254715964281 blog : http://zinjlog.blogspot.com meta-blog: http://mashilingi.blogspot.com
_______________________________________________ kictanet mailing listkictanet@lists.kictanet.or.kehttp://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/emailsignet%40mailcan.c...
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-- Brian Munyao Longwe e-mail: blongwe@gmail.com cell: +254715964281 blog : http://zinjlog.blogspot.com meta-blog: http://mashilingi.blogspot.com
participants (9)
-
Brian Munyao Longwe -
Harry Delano -
John Gitau -
Judy Okite -
lordmwesh -
McTim -
Odhiambo Washington -
Walubengo J -
waudo siganga