The Standard

KPA revenues, security at risk as Sh300m tracking system collapses

By Willis Oketch | 8yrs ago

A Sh300 million computer vessel tracking system implemented by the ports authority nine years ago has collapsed.

According to a KPMG audit commissioned by the Kenya Ports Authority (KPA), the system collapsed in March last year and by November most of Vessel Tracking Management System (VTMS) functions were crippled.

The VTMS system functions were being duplicated by another system called Kilindi Waterfront Automated Terminals System or KWATOS Marine, which was implemented in 2005.

Although the contract allowing implementation of VTMS required establishment of an interface between the two systems, this had not happened when KPMG wrote its report last November.

KWATOS Marine was implemented in 2005 to support marine and terminal operations of the port, as well as tracking and monitoring movement of vessels and payment of charges. On the other hand, VTMS was designed to aid tracking movement of vessels.

"VTMS main server housed at the KPA control tower crashed on March 21, 2015 and to date it has not been restored," said the report, which added that after the disabling of most of its functions, the "system is being used for view-only purposes and most of the system capabilities are not functional".

As a result, vehicle traffic services in the port's marine department have reverted "to the use of manual processes that were in place before VTMS implementation".

KPA hired KPMG last year to audit its computer-based security and cargo tracking systems used to monitor vessels, movement of cargo and access to key installations by staff and contractors.

Sunday, KPA Chairman Marsden Madoka said KPA commissioned KPMG to audit its IT security systems "to help us improve on some of the IT issues which are new and changing very fast" adding that "we are implementing the report gradually".

The audit exposed loopholes that enable hackers to infiltrate KPA's databases with ease and manipulate data, outdated cipher software, weak password policies and other weaknesses that render KPA's computer-based security and tracking system vulnerable to manipulation, cyber attacks and the threat of being disabled.

The audit also found that lack of a central office to manage project planning and procurement have made it possible for KPA's different departments to implement competing and overlapping security systems, which often collapse together or one-by-one.

The audit also found that information technology systems, including those implemented to improve security, movement of containers and monitor personnel and visitor access, often break down or are not manned.

Loading lists

This has forced KPA to resort to manual systems that are slow and vulnerable to manipulation and expose the port to financial loss. The audit also found that shipping lines often do not submit their loading lists to the port and as vessels enter the port and leave without paying navigational, security and other charges.

KPMG's audit dwells extensively on the port's procurement and management of the KWATOS Marine VTMS and found that the two systems were basically serving the same purpose and argued that procurement happened because there was no central office in charge of procurement of IT projects.

The auditor found that despite performing similar functions, KWATOS Marine and VTMS each had independent server rooms, separate disaster recovery centres, application support teams and independent budgets.

The auditor found that when the main VTMS server at the control tower crashed, authorities resorted to a secondary redundancy server but which KPMG found to have deficiencies, including lack of a biometric system to ensure individual accountability, lack of CCTV cameras to monitor who entered the server room and that the secondary server lacks humidity, temperature and alarm and fire detection sensors.

"...Unauthorised persons may gain access to the server room and cause intended/not intended process disruptions which may cause loss or manipulation of financial data and/or loss of business time".

Related Topics

ship tracking system Kenya Ports Authority KWATOS Marine
.

Latest Stories

Arsenal thrash Chelsea 5-0 to open up Premier League lead
Arsenal thrash Chelsea 5-0 to open up Premier League lead
Football
By AFP
11 mins ago
How SMEs are diversifying to beat high costs, maximise profits
Enterprise
By Amos Kiarie
17 mins ago
Premium Prosecution, defense lawyers differ over Sh177m Maasai Mara University graft case
National
By Julius Chepkwony
17 mins ago
.

The Standard Insider

You have let us down, UDA tells Sakaja over rot at City Hall
By Pkemoi Ng'enoh and Edwin Nyarangi 17 mins ago
Premium You have let us down, UDA tells Sakaja over rot at City Hall
Azimio calls for independent inquiry into Ogolla's death
By Brian Otieno 17 mins ago
Premium Azimio calls for independent inquiry into Ogolla's death
Firm linked to fake fertiliser calls for arrest of Linturi, NCPB boss
By Josphat Thiong'o 17 mins ago
Premium Firm linked to fake fertiliser calls for arrest of Linturi, NCPB boss
How proposed bill plans to tighten noose on sexual offenders
By Jacinta Mutura 17 mins ago
Premium How proposed bill plans to tighten noose on sexual offenders
.

Digger Classified

DIGGER MOTORS

DIGGER JOBS

DIGGER REAL ESTATE

GET OUR NEWSLETTER

Subscribe to our newsletter and stay updated on the latest developments and special offers!

CONNECT WITH US

FOR THE LATEST JOB ADVERTS

join Digger Classifieds telegram channel
The Standard
© 2024. The Standard Group PLC. All rights reserved