Another wave of cyber attacks against Kenya?
Yesterday the website of a legal firm specializing in intellectual property that belongs to a friend was hacked and defaced. I discovered when going to look up some materials on copyright and immediately alerted him, he has since mobilized his web designer/hosting company to deal with the issue. I managed to take a screenshot of the homepage in it's "hacked" state. As you can see the "hackers" claim to be from Saudi Arabia and (as can be expected) are very proud that they have compromised this site. In the background is the logo of Backtrack, which could is a linux distribution designed for information security that consists of a wide range of "hacker" tools. [image: Inline image 1] This incident could be evidence of the beginning of another wave of attacks against Kenyan systems on the Internet. We desperately need an awareness campaign that will alert website owners/operators to the dangers and prompt them to get themselves checked (like the HIV campaign). Best regards, Brian
Agreed Mblayo we also need to create more job opportunities :-) Best Regards On Fri, Apr 5, 2013 at 12:59 PM, Brian Munyao Longwe <blongwe@gmail.com>wrote:
Yesterday the website of a legal firm specializing in intellectual property that belongs to a friend was hacked and defaced. I discovered when going to look up some materials on copyright and immediately alerted him, he has since mobilized his web designer/hosting company to deal with the issue.
I managed to take a screenshot of the homepage in it's "hacked" state. As you can see the "hackers" claim to be from Saudi Arabia and (as can be expected) are very proud that they have compromised this site. In the background is the logo of Backtrack, which could is a linux distribution designed for information security that consists of a wide range of "hacker" tools. [image: Inline image 1] This incident could be evidence of the beginning of another wave of attacks against Kenyan systems on the Internet.
We desperately need an awareness campaign that will alert website owners/operators to the dangers and prompt them to get themselves checked (like the HIV campaign).
Best regards,
Brian
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Barrack O. Otieno +254721325277 +254-20-2498789 Skype: barrack.otieno http://www.otienobarrack.me.ke/
I guess that there exists a product lifecycle issue when it comes to the design of secure websites. A few weeks ago there was a similar occurrence on many websites hosted by Safaricom and as usual there was quite and outburst of blame between the site owners and the hosting company. Digging into the issue, it was realized that most of the hacked websites ran on joomla and wordpress platforms and were using quite a number of vulnerable plugins. http://docs.joomla.org/Vulnerable_Extensions_List That confirms that very little effort goes to security checks when it goes to web dev. Its a case of when one want a website, they (on the contractor) quickly get a template, change the content and in a few hours, the site is up and running. I agree with you Brian, such awareness; especially on best practices is necessary.. On Sat, Apr 6, 2013 at 2:32 PM, Barrack Otieno <otieno.barrack@gmail.com>wrote:
Agreed Mblayo we also need to create more job opportunities :-)
Best Regards
On Fri, Apr 5, 2013 at 12:59 PM, Brian Munyao Longwe <blongwe@gmail.com>wrote:
Yesterday the website of a legal firm specializing in intellectual property that belongs to a friend was hacked and defaced. I discovered when going to look up some materials on copyright and immediately alerted him, he has since mobilized his web designer/hosting company to deal with the issue.
I managed to take a screenshot of the homepage in it's "hacked" state. As you can see the "hackers" claim to be from Saudi Arabia and (as can be expected) are very proud that they have compromised this site. In the background is the logo of Backtrack, which could is a linux distribution designed for information security that consists of a wide range of "hacker" tools. [image: Inline image 1] This incident could be evidence of the beginning of another wave of attacks against Kenyan systems on the Internet.
We desperately need an awareness campaign that will alert website owners/operators to the dangers and prompt them to get themselves checked (like the HIV campaign).
Best regards,
Brian
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Barrack O. Otieno +254721325277 +254-20-2498789 Skype: barrack.otieno http://www.otienobarrack.me.ke/
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- *......................................................... No pressure.....No diamonds!!!*
participants (3)
-
Barrack Otieno -
Brian Munyao Longwe -
dan wanjohi