Monthly Archives: February 2018

INVESTIGATION ON WINTER OLYMPICS CYBER-ATTACK HAS BEGUN



IN BRIEF: Following the cyber-attack on Winter Olympics, security teams and experts from South Korea's defence ministry, plus four other ministries, formed part of a taskforce investigating the shutdown.
----------------------------
The official Winter Olympics website was taken down after being hit by a cyber-attack (Denial Of Service attack, DOS), officials have confirmed.

The site was affected just before the beginning of the opening ceremony in Pyeongchang, South Korea.

Internal internet and Wi-Fi systems crashed at about 7:15 pm (1015 GMT) on Friday, though operations were restored about 12 hours later - Games organisers said.

However, a spokesman said that the International Olympic Committee would not be commenting on who might have been behind the incident.


"Maintaining secure operations is our purpose," said Mark Adams.
He added that the issue was being dealt with but that he was not aware who had carried out the attack.


Cyber-security teams and experts from South Korea's defence ministry, plus four other ministries, formed part of a taskforce investigating the shutdown.

RUSSIA RESPONDS

Prior to the Games, some cyber-security experts had expressed concern that countries like Russia and North Korea might try to target the event.


But the Russian Foreign Ministry has denied rumours that Russian hackers were involved.

"We know that Western media are planning pseudo-investigations on the theme of 'Russian fingerprints' in hacking attacks on information resources related to the hosting of the Winter Olympic Games in the Republic of Korea," the foreign ministry said.
"Of course, no evidence will be presented to the world."

There have been concerns for months that the Games and spectators could be targeted by cyber-attacks.

Earlier this month, the US Department of Homeland Security published a warning to travellers.

"At high-profile events, cyber-activists may take advantage of the large audience to spread their message," it said.

"There is also the possibility that mobile or other communications will be monitored."
The Pyeongchang Games are certainly not the first to be targeted by hackers.


In January, Konstantinos Karagiannis, BT's chief technology officer for security consulting, tweeted that during the 2012 London Olympics he and his team, "fought back quite a cyber-onslaught".

ANGALIZO KWA MABENKI DHIDI YA UHALIFU WA ATM JACKPOTING


KWA UFUPI: ATM jackpotting imgonga Hodi Nchini Marekani ambapo imesababisha upotevu mkubwa wa fedha zinazo kadiriwa kuzidi kiasi cha Dola milioni moja hadi sasa.
----------
Kumekua na aina nyingi za uhalifu mtandao unaolenga mashine za ATM ambao umekua ukiathiri mabenki mengi maeneo mengi duniani.


Mataifa ya Afrika yamesha kumbwa na changamoto za uhalifu katika mashine za ATM kama vile “card skimming” ambapo wahalifu mtandao mara kadhaa wamekua wakiripotiwa kughushi kadi za ATM zilizopelekea upotevu wa fedha kupitia mashine za ATM.


Toka mwaka 2014, Kumeendelea kuibuka aina nyingine za uhalifu unao athiri Mashine za ATM maeneo mbali mbali – Itakumbukwa Niliwahi kutoa taarifa inayosemaka hapa: TYUPKINYATIKISA MASHINE ZA ATM

Ilipo gundulika chanzo cha uhalifu huo kulipelekea kutolewa maelekezo ya namana ya kujilinda ambapo Mabenki mengi hayakuzingatia – Kitu kilichopelekea kuibuka kwa uhalifu mwingine aina ya ATM Jackpotting, Ambapo mwaka 2015 Nchi za bara la Asia, Ulaya na marekeani ya Kusini walikumbwa na Uhalifu aina ya Remote ATM Jackpotting (RAJ)

Maelekezo Zaidi yalitolewa na baadhi ya Nchi zikachukulia uzito ulinzi mtandao katika mashine za ATM ikiwa ni pamoja na kufanyia kazi maelekezo yaliyotolewa.

Toka mwaka Jana ATM jackpotting imeendelea kukumba mataifa ya Marekani kusini ingawa sio kwa kiasi kikubwa.

Na Mwaka Huu wa 2018, ATM jackpotting ikagonga Hodi Nchini Marekani ambapo imesababisha upotevu mkubwa wa fedha zinazo kadiriwa kuzidi kiasi cha Dola milioni moja hadi sasa.



Natumia nafasi hii kukumbusha mabenki yetu mambo makuu ma tatu kwa sasa.

Moja, ELIMU YA UELEWA (Awareness) – Tumehimiza elimu kubwa ya uelewa ifanyike katika taasisi za kifedha ikiwa ni pamoja na kuwaelimisha wafanyakazi wa taasisi hizo juu ya kutambua na kujilinda dhidi ya uhalifu kama Social engineering, Key loggers, Phishing na aina nyingine zozote zinazoweza kupelekea benki husika kukumbwa na uhalifu wa ATM Jackpotting pamoja na aina nyingine za kihalifu.

Aidha, Elimu kwa watumiaji wa Mashine na mifumo mingine ya kibenki inapaswa kufanyika pia.


Mbili, MIFUMO YA UFATILIAJI (Implementation of Monitoring tools) – Kampuni nyingi zinazojihusisha na usalama mitandao zimekua zikiwekeza kwenye uzalishaji wa mifumo inayo saidia kufuatilia na kubaini aina yoyote ya viashiria vinavyoweza kupelekea uhalifu wowote wa kimtandao katika taasisi zetu.

Naziasa taasisi za fedha kuhakiki zinachukua hatua za muhimu kuweka na kuimarisha mifumo iyo ili iwe ni usaidizi wa kubaini viashiria vyovyote vya uhalifu mtandao.


Tatu, KUONDOKANA NA MATUMIZI YA WINDOW XP KATIKA MASHINE ZA ATM – Hili tumekua tukizungumza toka kuonekana ya kua uhalifu wa Tyupkin uliathiri Zaidi mashine za ATM ambazo zilikua na Window XP. Wito ni kua kuna kila sababu wa Taasisi za kifedha kufanya operation ya haraka kuhakiki ina angazia mashine zake zote za ATM na kuziboresha kwa kuweka mifumo iliyo juu ya window XP.


Ni moja ya mafunzo ambayo mataifa tumeyahimiza ya jifunze ili kuweza kubaini, kuzuia na kujilinda na uhalifu mtandao - Mafunzo haya yameanza kutolewa katika mataifa mengi ikiwa ni pamoja na mataifa ya Bara la Afrika.