By MACHARIA KAMAU
The defacing of the Kenya Police website early last week and subsequent theatrics on the site with different hackers trying to outdo each other throughout the week.
While Internet security experts dismissed incident as a "small-time hacking job" that could be undertaken by anyone with basic programming knowledge, the handling of the incident by Kenya Police demonstrated the trivial way in which local organisations take Internet security.
Information and Communication PS Bitange Ndemo said there are plans to boost Internet security in the coming months but noted that even with improved surveillance, nobody was safe in the cyber world.
He said the ministry plans would in two months time unveil a Computer Emergency Response Team (CERT) to handle attacks by malicious programmers. The CERT is expected to coordinate response to cyber security incidents at the national level and cooperate with regional and international entities involved with the management of cyber security incidents.
He added that there are also plans to move all Government data on the same platform, where it will be easy to monitor and respond to attacks.
CIRCUMVENT FIREWALLS
"We have a Government data centre where we plan to migrate everyone it is easy to monitor and make follow-ups on such attacks." Ndemo said the threat posed by malicious people online was real, especially given that experienced programmers can today circumvent firewalls that have in the past proved effective in data protection.
He noted that ample security and regular updates should keep information protected.
"It is difficult to establish the origin of an attack because someone will use proxy servers and appear to be try to access information from a far flung country when in reality they might be doing it from your neighbourhood," said Ndemo, adding: "In the cyber world, no one is safe but that does not that we should shy from online transactions but instead try to protect our systems.
Though the issue of Internet security has been discussed at different forums, a number of them high level - it is easy to dismiss the conferences and conventions as mere talk shops.
Little action has been taken in regards to securing information posted online by Kenyans from both the private and public sector ends. Few Kenyan institutions have deployed enough security measures to safeguard online presence and transactions.
"Most of the institutions tend to think that once they have deployed an ICT infrastructure, that is it," said James Kinyua managing director Isolutions Associates, a local IT security consultancy firm.
SECURITY BREACH
Stay informed. Subscribe to our newsletter
He added that there is at least a major case of such breach in security every month and noted that with increased uptake of Internet, the threat posed by malicious programmers online is likely to increase.
"There is at least one major reported case but many also go unreported. Companies that may experience such cases may not report because they do not want their systems to appear compromised so they take them offline, repair the damage and then bring online," he said.
The Standard Group Plc is a
multi-media organization with investments in media platforms spanning newspaper
print operations, television, radio broadcasting, digital and online services. The
Standard Group is recognized as a leading multi-media house in Kenya with a key
influence in matters of national and international interest.
join