Re: [kictanet] Ring of bank hackers busted - Daily Nation
Even with the collusion claimed in the article, the failure of controls that should prevent unauthorised physical and remote access to systems is quite troubling. On 09/03/2017 06:18, kictanet-request@lists.kictanet.or.ke wrote:
Today we get a glimpse of the magnitude of cyber crime in the country.
Kenya Revenue Authority, several blue-chip banks, a parastatal and a supermarket chain are some of the institutions penetrated by an international cybercrime syndicate that took off with hundreds of millions of shillings ? before they were all seized on Monday and Tuesday.
Read on:-
http://www.nation.co.ke/news/Police-bust-ring-of-hackers/1056-3842558-11h7q5...
This reactionary approach is quite ridiculous. I bet you the prosecutors will have a hard time even proving the crime. Some wouldn't even know what malware is. Now start explaining Salami to them. Well it's commendable CA seems to be doing something in this space http://www.nation.co.ke/news/Communication-Authority-open-centre-to-combat-c... However, why open a centre for the sole purpose of reporting and investigating claims? Proactivity would be a better approach. The irony is how the CIA has taken this 'precautionary approach' to the next level as seen with the wikileaks dump. On Thu, Mar 9, 2017 at 7:26 AM, Mark Kipyegon via kictanet < kictanet@lists.kictanet.or.ke> wrote:
Even with the collusion claimed in the article, the failure of controls that should prevent unauthorised physical and remote access to systems is quite troubling.
On 09/03/2017 06:18, kictanet-request@lists.kictanet.or.ke wrote:
Today we get a glimpse of the magnitude of cyber crime in the country.
Kenya Revenue Authority, several blue-chip banks, a parastatal and a
supermarket chain are some of the institutions penetrated by an international cybercrime syndicate that took off with hundreds of millions of shillings ? before they were all seized on Monday and Tuesday.
Read on:-
1056-3842558-11h7q5xz/index.html
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/ mailman/options/kictanet/kaninimutemi%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-- *Mercy Mutemi, Advocate*.
Cybercrime, As Kanini Mutemi rightly observes Kenya does not possess the substantive, procedural (legally) institutional and capacity tools to effectively deal with transnational online criminal activity. Cyber-crime (in the substantive forms enumerated in the various bills doing rounds) presents a simple conundrum for law: a more global law or a less global internet? What does this mean in practice? First, that we need a regional instrumen- and then multilateral global instrument that harmonizes substantive offences (ensuring the principle of double criminality) and substantive criminal procedure (Arrest Warrants and Evidence Sharing). This later bit is consequential because extra territorial executive action is a violation of international law (Lotus- France v Turkey). It is also crucial to have data frameworks that allow flexibility for law enforcement (imagine judicial hurdles imposed every time inter state data transfers are sought by law enforcement).Further, traditional methods of law enforcement cooperation in the form of Mutual Legal Assistance Treaties (MLATS) are too cumbersome opaque and resource needy to deal with the agile needs of volatile data. This is fundamental because technologies such as cloud computing and block chain make a nonsense of the Westphalian model of territory and jurisdiction. regards, On Thu, Mar 9, 2017 at 11:43 AM, kanini mutemi via kictanet < kictanet@lists.kictanet.or.ke> wrote:
This reactionary approach is quite ridiculous. I bet you the prosecutors will have a hard time even proving the crime. Some wouldn't even know what malware is. Now start explaining Salami to them.
Well it's commendable CA seems to be doing something in this space http://www.nation.co.ke/news/Communication-Authority-open- centre-to-combat-cyber-crime/1056-3405682-5hjk2pz/index.html
However, why open a centre for the sole purpose of reporting and investigating claims? Proactivity would be a better approach. The irony is how the CIA has taken this 'precautionary approach' to the next level as seen with the wikileaks dump.
On Thu, Mar 9, 2017 at 7:26 AM, Mark Kipyegon via kictanet < kictanet@lists.kictanet.or.ke> wrote:
Even with the collusion claimed in the article, the failure of controls that should prevent unauthorised physical and remote access to systems is quite troubling.
On 09/03/2017 06:18, kictanet-request@lists.kictanet.or.ke wrote:
Today we get a glimpse of the magnitude of cyber crime in the country.
Kenya Revenue Authority, several blue-chip banks, a parastatal and a
supermarket chain are some of the institutions penetrated by an international cybercrime syndicate that took off with hundreds of millions of shillings ? before they were all seized on Monday and Tuesday.
Read on:-
http://www.nation.co.ke/news/Police-bust-ring-of-hackers/105
6-3842558-11h7q5xz/index.html
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/kaninimutemi%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-- *Mercy Mutemi, Advocate*.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/ mailman/options/kictanet/dgichuki%40strathmore.edu
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-- *Note: *All emails sent from Strathmore University are subject to Strathmore’s Email Terms & Conditions. Please click here <http://www.strathmore.edu/en/email-policy> to read the policy. "Visit our Facebook <https://www.facebook.com/StrathmoreUniversity>Page and Twitter <https://twitter.com/StrathU>Account".
Enlightening! A quick reading of the now withdrawn Cyber Security and Protection Bill gave a sense that we're still looking at cyber crime with the same eyes that crafted the Penal Code. Simplistic. Retroactive. Without necessarily addressing the unique challenges these crimes present. Perhaps it's time that the government considers actual capacity building in this field (no not just benchmarking visits and one week courses). For them to regulate this area adequately, they must first understand it's ins and outs. On Thu, Mar 9, 2017 at 2:05 PM, Douglas Gichuki <dgichuki@strathmore.edu> wrote:
Cybercrime,
As Kanini Mutemi rightly observes Kenya does not possess the substantive, procedural (legally) institutional and capacity tools to effectively deal with transnational online criminal activity.
Cyber-crime (in the substantive forms enumerated in the various bills doing rounds) presents a simple conundrum for law: a more global law or a less global internet? What does this mean in practice? First, that we need a regional instrumen- and then multilateral global instrument that harmonizes substantive offences (ensuring the principle of double criminality) and substantive criminal procedure (Arrest Warrants and Evidence Sharing).
This later bit is consequential because extra territorial executive action is a violation of international law (Lotus- France v Turkey). It is also crucial to have data frameworks that allow flexibility for law enforcement (imagine judicial hurdles imposed every time inter state data transfers are sought by law enforcement).Further, traditional methods of law enforcement cooperation in the form of Mutual Legal Assistance Treaties (MLATS) are too cumbersome opaque and resource needy to deal with the agile needs of volatile data.
This is fundamental because technologies such as cloud computing and block chain make a nonsense of the Westphalian model of territory and jurisdiction.
regards,
On Thu, Mar 9, 2017 at 11:43 AM, kanini mutemi via kictanet < kictanet@lists.kictanet.or.ke> wrote:
This reactionary approach is quite ridiculous. I bet you the prosecutors will have a hard time even proving the crime. Some wouldn't even know what malware is. Now start explaining Salami to them.
Well it's commendable CA seems to be doing something in this space http://www.nation.co.ke/news/Communication-Authority-open-ce ntre-to-combat-cyber-crime/1056-3405682-5hjk2pz/index.html
However, why open a centre for the sole purpose of reporting and investigating claims? Proactivity would be a better approach. The irony is how the CIA has taken this 'precautionary approach' to the next level as seen with the wikileaks dump.
On Thu, Mar 9, 2017 at 7:26 AM, Mark Kipyegon via kictanet < kictanet@lists.kictanet.or.ke> wrote:
Even with the collusion claimed in the article, the failure of controls that should prevent unauthorised physical and remote access to systems is quite troubling.
On 09/03/2017 06:18, kictanet-request@lists.kictanet.or.ke wrote:
Today we get a glimpse of the magnitude of cyber crime in the country.
Kenya Revenue Authority, several blue-chip banks, a parastatal and a
supermarket chain are some of the institutions penetrated by an international cybercrime syndicate that took off with hundreds of millions of shillings ? before they were all seized on Monday and Tuesday.
Read on:-
http://www.nation.co.ke/news/Police-bust-ring-of-hackers/105
6-3842558-11h7q5xz/index.html
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/kaninimutemi%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-- *Mercy Mutemi, Advocate*.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/dgichuki%40strathmore.edu
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
*Note: *All emails sent from Strathmore University are subject to Strathmore’s Email Terms & Conditions. Please click here <http://www.strathmore.edu/en/email-policy> to read the policy.
"Visit our Facebook <https://www.facebook.com/StrathmoreUniversity>Page and Twitter <https://twitter.com/StrathU>Account".
-- *Mercy Mutemi, Advocate*.
An opportunity for the community to now insert itself and engage to enhance the bill? Ali Hussein Principal Hussein & Associates +254 0713 601113 Twitter: @AliHKassim Skype: abu-jomo LinkedIn: http://ke.linkedin.com/in/alihkassim "We are what we repeatedly do. Excellence, therefore, is not an act but a habit." ~ Aristotle Sent from my iPad
On 9 Mar 2017, at 2:24 PM, kanini mutemi via kictanet <kictanet@lists.kictanet.or.ke> wrote:
Enlightening!
A quick reading of the now withdrawn Cyber Security and Protection Bill gave a sense that we're still looking at cyber crime with the same eyes that crafted the Penal Code. Simplistic. Retroactive. Without necessarily addressing the unique challenges these crimes present. Perhaps it's time that the government considers actual capacity building in this field (no not just benchmarking visits and one week courses). For them to regulate this area adequately, they must first understand it's ins and outs.
On Thu, Mar 9, 2017 at 2:05 PM, Douglas Gichuki <dgichuki@strathmore.edu> wrote:
Cybercrime,
As Kanini Mutemi rightly observes Kenya does not possess the substantive, procedural (legally) institutional and capacity tools to effectively deal with transnational online criminal activity.
Cyber-crime (in the substantive forms enumerated in the various bills doing rounds) presents a simple conundrum for law: a more global law or a less global internet? What does this mean in practice? First, that we need a regional instrumen- and then multilateral global instrument that harmonizes substantive offences (ensuring the principle of double criminality) and substantive criminal procedure (Arrest Warrants and Evidence Sharing).
This later bit is consequential because extra territorial executive action is a violation of international law (Lotus- France v Turkey). It is also crucial to have data frameworks that allow flexibility for law enforcement (imagine judicial hurdles imposed every time inter state data transfers are sought by law enforcement).Further, traditional methods of law enforcement cooperation in the form of Mutual Legal Assistance Treaties (MLATS) are too cumbersome opaque and resource needy to deal with the agile needs of volatile data.
This is fundamental because technologies such as cloud computing and block chain make a nonsense of the Westphalian model of territory and jurisdiction.
regards,
On Thu, Mar 9, 2017 at 11:43 AM, kanini mutemi via kictanet <kictanet@lists.kictanet.or.ke> wrote: This reactionary approach is quite ridiculous. I bet you the prosecutors will have a hard time even proving the crime. Some wouldn't even know what malware is. Now start explaining Salami to them.
Well it's commendable CA seems to be doing something in this space http://www.nation.co.ke/news/Communication-Authority-open-centre-to-combat-c...
However, why open a centre for the sole purpose of reporting and investigating claims? Proactivity would be a better approach. The irony is how the CIA has taken this 'precautionary approach' to the next level as seen with the wikileaks dump.
On Thu, Mar 9, 2017 at 7:26 AM, Mark Kipyegon via kictanet <kictanet@lists.kictanet.or.ke> wrote: Even with the collusion claimed in the article, the failure of controls that should prevent unauthorised physical and remote access to systems is quite troubling.
On 09/03/2017 06:18, kictanet-request@lists.kictanet.or.ke wrote:
Today we get a glimpse of the magnitude of cyber crime in the country.
Kenya Revenue Authority, several blue-chip banks, a parastatal and a supermarket chain are some of the institutions penetrated by an international cybercrime syndicate that took off with hundreds of millions of shillings ? before they were all seized on Monday and Tuesday.
Read on:-
http://www.nation.co.ke/news/Police-bust-ring-of-hackers/1056-3842558-11h7q5...
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/kaninimutemi%40gmail.c...
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-- Mercy Mutemi, Advocate.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/dgichuki%40strathmore....
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
Note: All emails sent from Strathmore University are subject to Strathmore’s Email Terms & Conditions. Please click here to read the policy.
"Visit our Facebook Page and Twitter Account".
-- Mercy Mutemi, Advocate.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/info%40alyhussein.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
Exactly Ali, time is now. On Mar 9, 2017 5:24 PM, "Ali Hussein via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
An opportunity for the community to now insert itself and engage to enhance the bill?
*Ali Hussein* *Principal* *Hussein & Associates* +254 0713 601113 <0713%20601113>
Twitter: @AliHKassim
Skype: abu-jomo
LinkedIn: http://ke.linkedin.com/in/alihkassim
"We are what we repeatedly do. Excellence, therefore, is not an act but a habit." ~ Aristotle
Sent from my iPad
On 9 Mar 2017, at 2:24 PM, kanini mutemi via kictanet < kictanet@lists.kictanet.or.ke> wrote:
Enlightening!
A quick reading of the now withdrawn Cyber Security and Protection Bill gave a sense that we're still looking at cyber crime with the same eyes that crafted the Penal Code. Simplistic. Retroactive. Without necessarily addressing the unique challenges these crimes present. Perhaps it's time that the government considers actual capacity building in this field (no not just benchmarking visits and one week courses). For them to regulate this area adequately, they must first understand it's ins and outs.
On Thu, Mar 9, 2017 at 2:05 PM, Douglas Gichuki <dgichuki@strathmore.edu> wrote:
Cybercrime,
As Kanini Mutemi rightly observes Kenya does not possess the substantive, procedural (legally) institutional and capacity tools to effectively deal with transnational online criminal activity.
Cyber-crime (in the substantive forms enumerated in the various bills doing rounds) presents a simple conundrum for law: a more global law or a less global internet? What does this mean in practice? First, that we need a regional instrumen- and then multilateral global instrument that harmonizes substantive offences (ensuring the principle of double criminality) and substantive criminal procedure (Arrest Warrants and Evidence Sharing).
This later bit is consequential because extra territorial executive action is a violation of international law (Lotus- France v Turkey). It is also crucial to have data frameworks that allow flexibility for law enforcement (imagine judicial hurdles imposed every time inter state data transfers are sought by law enforcement).Further, traditional methods of law enforcement cooperation in the form of Mutual Legal Assistance Treaties (MLATS) are too cumbersome opaque and resource needy to deal with the agile needs of volatile data.
This is fundamental because technologies such as cloud computing and block chain make a nonsense of the Westphalian model of territory and jurisdiction.
regards,
On Thu, Mar 9, 2017 at 11:43 AM, kanini mutemi via kictanet < kictanet@lists.kictanet.or.ke> wrote:
This reactionary approach is quite ridiculous. I bet you the prosecutors will have a hard time even proving the crime. Some wouldn't even know what malware is. Now start explaining Salami to them.
Well it's commendable CA seems to be doing something in this space http://www.nation.co.ke/news/Communication-Authority-open-ce ntre-to-combat-cyber-crime/1056-3405682-5hjk2pz/index.html
However, why open a centre for the sole purpose of reporting and investigating claims? Proactivity would be a better approach. The irony is how the CIA has taken this 'precautionary approach' to the next level as seen with the wikileaks dump.
On Thu, Mar 9, 2017 at 7:26 AM, Mark Kipyegon via kictanet < kictanet@lists.kictanet.or.ke> wrote:
Even with the collusion claimed in the article, the failure of controls that should prevent unauthorised physical and remote access to systems is quite troubling.
On 09/03/2017 06:18, kictanet-request@lists.kictanet.or.ke wrote:
Today we get a glimpse of the magnitude of cyber crime in the country.
Kenya Revenue Authority, several blue-chip banks, a parastatal and a
supermarket chain are some of the institutions penetrated by an international cybercrime syndicate that took off with hundreds of millions of shillings ? before they were all seized on Monday and Tuesday.
Read on:-
http://www.nation.co.ke/news/Police-bust-ring-of-hackers/105
6-3842558-11h7q5xz/index.html
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/kaninimutemi%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-- *Mercy Mutemi, Advocate*.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/dgichuki%40strathmore.edu
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
*Note: *All emails sent from Strathmore University are subject to Strathmore’s Email Terms & Conditions. Please click here <http://www.strathmore.edu/en/email-policy> to read the policy.
"Visit our Facebook <https://www.facebook.com/StrathmoreUniversity>Page and Twitter <https://twitter.com/StrathU>Account".
-- *Mercy Mutemi, Advocate*.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/ mailman/options/kictanet/info%40alyhussein.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/ mailman/options/kictanet/dmuthoni%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
Thanks Ali for sharing. Interesting, if not all too common story globally. "A chain is only as strong as its weakest link" comes to mind. The weakest link being the human element in this case but could also be applicable to scale with lack of ratifying and enforcing regulation & agreements nationally and internationally; of which difficulties Gichuki has already mentioned. From my experience securing systems is the stronger (or at least easier to implement) part of the chain. Can regulations particularly for government institutions and large financials be tightened up? For example, would not a mandatory, regular security audit by a reputable external firm be able to deter, if not bring to light such hacking sprees? Regards Stuart Houston IT consultant and project manager Vimak Studio House, 5th Floor, Marcus Garvey Rd off Argwings Kodhek Rd +254 711 231726 | +254 731 993931 | info@vimak.co.ke This e-mail and any attachments are confidential. They may contain privileged information and are intended for the named addressee(s) only. Unless expressly stated, opinions in this e-mail are those of the individual sender and not of Vimak. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you are not the intended recipient, please telephone or e-mail the sender and delete this message and any attachments immediately On Thu, Mar 9, 2017 at 5:46 PM, Dorcas Muthoni via kictanet < kictanet@lists.kictanet.or.ke> wrote:
Exactly Ali, time is now.
On Mar 9, 2017 5:24 PM, "Ali Hussein via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
An opportunity for the community to now insert itself and engage to enhance the bill?
*Ali Hussein* *Principal* *Hussein & Associates* +254 0713 601113 <0713%20601113>
Twitter: @AliHKassim
Skype: abu-jomo
LinkedIn: http://ke.linkedin.com/in/alihkassim
"We are what we repeatedly do. Excellence, therefore, is not an act but a habit." ~ Aristotle
Sent from my iPad
On 9 Mar 2017, at 2:24 PM, kanini mutemi via kictanet < kictanet@lists.kictanet.or.ke> wrote:
Enlightening!
A quick reading of the now withdrawn Cyber Security and Protection Bill gave a sense that we're still looking at cyber crime with the same eyes that crafted the Penal Code. Simplistic. Retroactive. Without necessarily addressing the unique challenges these crimes present. Perhaps it's time that the government considers actual capacity building in this field (no not just benchmarking visits and one week courses). For them to regulate this area adequately, they must first understand it's ins and outs.
On Thu, Mar 9, 2017 at 2:05 PM, Douglas Gichuki <dgichuki@strathmore.edu> wrote:
Cybercrime,
As Kanini Mutemi rightly observes Kenya does not possess the substantive, procedural (legally) institutional and capacity tools to effectively deal with transnational online criminal activity.
Cyber-crime (in the substantive forms enumerated in the various bills doing rounds) presents a simple conundrum for law: a more global law or a less global internet? What does this mean in practice? First, that we need a regional instrumen- and then multilateral global instrument that harmonizes substantive offences (ensuring the principle of double criminality) and substantive criminal procedure (Arrest Warrants and Evidence Sharing).
This later bit is consequential because extra territorial executive action is a violation of international law (Lotus- France v Turkey). It is also crucial to have data frameworks that allow flexibility for law enforcement (imagine judicial hurdles imposed every time inter state data transfers are sought by law enforcement).Further, traditional methods of law enforcement cooperation in the form of Mutual Legal Assistance Treaties (MLATS) are too cumbersome opaque and resource needy to deal with the agile needs of volatile data.
This is fundamental because technologies such as cloud computing and block chain make a nonsense of the Westphalian model of territory and jurisdiction.
regards,
On Thu, Mar 9, 2017 at 11:43 AM, kanini mutemi via kictanet < kictanet@lists.kictanet.or.ke> wrote:
This reactionary approach is quite ridiculous. I bet you the prosecutors will have a hard time even proving the crime. Some wouldn't even know what malware is. Now start explaining Salami to them.
Well it's commendable CA seems to be doing something in this space http://www.nation.co.ke/news/Communication-Authority-open-ce ntre-to-combat-cyber-crime/1056-3405682-5hjk2pz/index.html
However, why open a centre for the sole purpose of reporting and investigating claims? Proactivity would be a better approach. The irony is how the CIA has taken this 'precautionary approach' to the next level as seen with the wikileaks dump.
On Thu, Mar 9, 2017 at 7:26 AM, Mark Kipyegon via kictanet < kictanet@lists.kictanet.or.ke> wrote:
Even with the collusion claimed in the article, the failure of controls that should prevent unauthorised physical and remote access to systems is quite troubling.
On 09/03/2017 06:18, kictanet-request@lists.kictanet.or.ke wrote:
Today we get a glimpse of the magnitude of cyber crime in the
country.
Kenya Revenue Authority, several blue-chip banks, a parastatal and a
supermarket chain are some of the institutions penetrated by an international cybercrime syndicate that took off with hundreds of millions of shillings ? before they were all seized on Monday and Tuesday.
Read on:-
http://www.nation.co.ke/news/Police-bust-ring-of-hackers/105
6-3842558-11h7q5xz/index.html
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/kaninimutemi%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-- *Mercy Mutemi, Advocate*.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/dgichuki%40strathmore.edu
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
*Note: *All emails sent from Strathmore University are subject to Strathmore’s Email Terms & Conditions. Please click here <http://www.strathmore.edu/en/email-policy> to read the policy.
"Visit our Facebook <https://www.facebook.com/StrathmoreUniversity>Page and Twitter <https://twitter.com/StrathU>Account".
-- *Mercy Mutemi, Advocate*.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/info%40alyhussein.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/dmuthoni%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/ mailman/options/kictanet/shouston%40vimak.co.ke
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
Stuart, Your suggestion makes practical sense, before a core banking system is installed penetration testing is carried out, how often are audits carried out after? As we seek to get legislation there needs to be a practical merger between prospective laws and practice to ensure that laws if passed will adequately prevent the vice. Kind regards, Rosemary Koech-Kimwatu Advocate On Mar 9, 2017 19:09, "Stuart Houston via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thanks Ali for sharing. Interesting, if not all too common story globally.
"A chain is only as strong as its weakest link" comes to mind. The weakest link being the human element in this case but could also be applicable to scale with lack of ratifying and enforcing regulation & agreements nationally and internationally; of which difficulties Gichuki has already mentioned. From my experience securing systems is the stronger (or at least easier to implement) part of the chain.
Can regulations particularly for government institutions and large financials be tightened up? For example, would not a mandatory, regular security audit by a reputable external firm be able to deter, if not bring to light such hacking sprees?
Regards Stuart Houston IT consultant and project manager Vimak
Studio House, 5th Floor, Marcus Garvey Rd off Argwings Kodhek Rd
+254 711 231726 | +254 731 993931 | info@vimak.co.ke
This e-mail and any attachments are confidential. They may contain privileged information and are intended for the named addressee(s) only. Unless expressly stated, opinions in this e-mail are those of the individual sender and not of Vimak. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you are not the intended recipient, please telephone or e-mail the sender and delete this message and any attachments immediately
On Thu, Mar 9, 2017 at 5:46 PM, Dorcas Muthoni via kictanet < kictanet@lists.kictanet.or.ke> wrote:
Exactly Ali, time is now.
On Mar 9, 2017 5:24 PM, "Ali Hussein via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
An opportunity for the community to now insert itself and engage to enhance the bill?
*Ali Hussein* *Principal* *Hussein & Associates* +254 0713 601113 <0713%20601113>
Twitter: @AliHKassim
Skype: abu-jomo
LinkedIn: http://ke.linkedin.com/in/alihkassim
"We are what we repeatedly do. Excellence, therefore, is not an act but a habit." ~ Aristotle
Sent from my iPad
On 9 Mar 2017, at 2:24 PM, kanini mutemi via kictanet < kictanet@lists.kictanet.or.ke> wrote:
Enlightening!
A quick reading of the now withdrawn Cyber Security and Protection Bill gave a sense that we're still looking at cyber crime with the same eyes that crafted the Penal Code. Simplistic. Retroactive. Without necessarily addressing the unique challenges these crimes present. Perhaps it's time that the government considers actual capacity building in this field (no not just benchmarking visits and one week courses). For them to regulate this area adequately, they must first understand it's ins and outs.
On Thu, Mar 9, 2017 at 2:05 PM, Douglas Gichuki <dgichuki@strathmore.edu
wrote:
Cybercrime,
As Kanini Mutemi rightly observes Kenya does not possess the substantive, procedural (legally) institutional and capacity tools to effectively deal with transnational online criminal activity.
Cyber-crime (in the substantive forms enumerated in the various bills doing rounds) presents a simple conundrum for law: a more global law or a less global internet? What does this mean in practice? First, that we need a regional instrumen- and then multilateral global instrument that harmonizes substantive offences (ensuring the principle of double criminality) and substantive criminal procedure (Arrest Warrants and Evidence Sharing).
This later bit is consequential because extra territorial executive action is a violation of international law (Lotus- France v Turkey). It is also crucial to have data frameworks that allow flexibility for law enforcement (imagine judicial hurdles imposed every time inter state data transfers are sought by law enforcement).Further, traditional methods of law enforcement cooperation in the form of Mutual Legal Assistance Treaties (MLATS) are too cumbersome opaque and resource needy to deal with the agile needs of volatile data.
This is fundamental because technologies such as cloud computing and block chain make a nonsense of the Westphalian model of territory and jurisdiction.
regards,
On Thu, Mar 9, 2017 at 11:43 AM, kanini mutemi via kictanet < kictanet@lists.kictanet.or.ke> wrote:
This reactionary approach is quite ridiculous. I bet you the prosecutors will have a hard time even proving the crime. Some wouldn't even know what malware is. Now start explaining Salami to them.
Well it's commendable CA seems to be doing something in this space http://www.nation.co.ke/news/Communication-Authority-open-ce ntre-to-combat-cyber-crime/1056-3405682-5hjk2pz/index.html
However, why open a centre for the sole purpose of reporting and investigating claims? Proactivity would be a better approach. The irony is how the CIA has taken this 'precautionary approach' to the next level as seen with the wikileaks dump.
On Thu, Mar 9, 2017 at 7:26 AM, Mark Kipyegon via kictanet < kictanet@lists.kictanet.or.ke> wrote:
Even with the collusion claimed in the article, the failure of controls that should prevent unauthorised physical and remote access to systems is quite troubling.
On 09/03/2017 06:18, kictanet-request@lists.kictanet.or.ke wrote: > > Today we get a glimpse of the magnitude of cyber crime in the country. > > Kenya Revenue Authority, several blue-chip banks, a parastatal and a supermarket chain are some of the institutions penetrated by an international cybercrime syndicate that took off with hundreds of millions of shillings ? before they were all seized on Monday and Tuesday. > > Read on:- > > http://www.nation.co.ke/news/Police-bust-ring-of-hackers/105 6-3842558-11h7q5xz/index.html > >
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/kaninimutemi%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-- *Mercy Mutemi, Advocate*.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/dgichuki%40strathmore.edu
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
*Note: *All emails sent from Strathmore University are subject to Strathmore’s Email Terms & Conditions. Please click here <http://www.strathmore.edu/en/email-policy> to read the policy.
"Visit our Facebook <https://www.facebook.com/StrathmoreUniversity>Page and Twitter <https://twitter.com/StrathU>Account".
-- *Mercy Mutemi, Advocate*.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/info%40alyhussein.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/dmuthoni%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/shouston%40vimak.co.ke
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/ mailman/options/kictanet/chemukoechk%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
participants (7)
-
Ali Hussein -
Dorcas Muthoni -
Douglas Gichuki -
kanini mutemi -
Mark Kipyegon -
Rosemary Koech-Kimwatu -
Stuart Houston