Author Archives: KILEO

PROTECTING YOUR SOCIAL MEDIA ACCOUNTS



The Internet has made our lives easier in so many ways. However, you need to know how you can protect your privacy and avoid fraud. With all of the personally identifiable information we share on social sites, hackers have only become more adept at locating that information and using it to gain access to our accounts.

What’s worse, if you’re on social media while at work and connected to the corporate network and your account gets hacked, you’ve now made your entire company vulnerable.

Social media represents the largest modern threat vector: it has more connectivity (billions of people), it’s more trusted (everyone is your friend) and it has less visibility (simply by its nature) than any other communication or business platform.


Security teams need to join their sales, marketing and customer success groups in the digital era, follow social media security best practices and implement risk monitoring and remediation technology around social media to secure their organization’s future.

In the case of social media accounts, you should make absolutely sure the email they are linked to has as much protection as possible. It’s a single point of failure, since everyone gets their password reset emails there. That’s the major way people get in.



Tips for Securing your Social Media Accounts
Create a unique email for social media. If you are compromised, hackers won’t have access to any other valuable information.

Limit biographical information. Many social media websites require biographical information to open an account, but you can limit the information made available to other social media users.

Enable two-factor authentication. This is one of the best methods for protecting your accounts from unauthorized access.

Close unused accounts. With security, you can’t take the approach of ‘out of sight, out of mind,’ so it’s best to terminate your account altogether if it’s no longer in use.

Update mobile apps regularly. These updates can protect you from threats that have already been identified.

Practice good password hygiene. Pick a “strong” password, keep it secure, change it frequently, and use different passwords for different accounts.



Monitor your accounts regularly. The sooner you notice suspicious activity, the sooner you can recover your account.

Secure your mobile devices. If your mobile devices are linked to your social media accounts, make sure that these devices are password protected in case they are lost or stolen.

Adjust the default privacy settings. Lock down your account from the start. Select who can see which posts, and when, and what information is shown on your profile and to whom.

Be mindful when accessing accounts on public wireless. If you have to connect, log completely out of your account after your session.

Accept friend requests selectively. There is no obligation to accept a “friend” request of anyone you do not know or do not know well. Fake accounts are often used in social engineering.

Use caution with public computers or wireless connections. Try to avoid accessing your social media accounts on public or other shared computers. But if you must do so, remember to log out completely by clicking the “log out” button on the social media website to terminate the online session.

Limit 3rd party app usage. Only authorize legitimate applications, and be sure to read the details of what you are authorizing the particular app to have access to.



What Do I Do If I’ve Been Hacked?
First things first: don’t panic. If possible, log into your account and change your password.
Review the recent activity on the account and delete anything that was not posted by you.

If you find spam, be sure to report it.

Check your bank account and other accounts to ensure that they were not also compromised.

At this point, enable two-factor authentication.

In addition, you should know that social media platforms provide support to help you recover your account.

SENTENCED TO TWO YEARS IN JAIL FOR DESTROYING HIS FORMER EMPLOYER'S DATA

IN BRIEF: Steffan Needham, who served as an IT consultant at the company Voova in the United Kingdom, has been sentenced to 2 years in jail for destroying the data of his former employer.
--------------------------------

According to Thames Valley Police in the United Kingdom, the accused was dismissed by his employer and afterwards destroyed all of the company's important data, in what has been interpreted as revenge for his dismissal.
The destruction of data is estimated to have cost the company six hundred and fifty thousand US dollars (US$650,000), and it also led to several employees losing their jobs.

The accused was sentenced under the United Kingdom's computer crime law (Computer Misuse Act).

Furthermore, the company concerned was found to have shortcomings: it failed to have robust strategies for protecting its data, including requiring more than one means of verification (multi-factor authentication) when a person wants to log in to its systems, and making sure that deleting data in a system involves more than one person.

Companies have been advised to take serious precautions in protecting their data, so as to guard against ill-intentioned staff on the inside (malicious/disgruntled insiders) being able to cause disaster later on.

Meanwhile, a court in the United States has granted Microsoft permission to take down about 99 websites that were linked to phishing attacks.

Tom Burt of Microsoft explained that the operation that disrupted and took down those 99 websites involved other large companies such as Yahoo and others.

KNOW AND PICK YOUR ANDROID SECURITY APP WISELY



IN BRIEF: In recent years, we have seen a tremendous increase in mobile applications across many countries. It is as if everyone wants to come up with a mobile application, for many reasons. On the other hand, the number of fake and malicious mobile applications is growing rapidly, posing a major security risk to mobile users.
-------------------------------------

Mobile application developers are now facing threats to customers and application data as automated and sophisticated attacks increasingly target the owners, users and data of mobile applications.

Apart from the risk to our privacy from unprotected applications from various developers, criminals are also developing mobile applications with malicious intentions, causing thousands of users who download them to fall victim to cybercrime.





It is prudent to secure our mobile devices with security solutions. Sadly, a recent test of anti-malware apps available in Google Play showed that most are not, in fact, worthy of the name and, indeed, the space they take up on the Android device.


Independent testing outfit AV-Comparatives threw the 2,000 most common Android malware samples seen in the wild last year at 250 security (and, as it turns out, also “security”) apps that were available in the Android store in January of this year. Only 80 apps passed the organization’s most basic test – flagging at least 30 percent of the samples as malware while reporting no false positives for some of the most popular and clean apps in Google Play.

Crucially, only 23 apps passed the test with flying colors; that is, they had a 100-percent success rate at detecting the malicious code.

So, what are those purported anti-malware solutions that failed the test up to? You may have guessed it – for the most part, they’ll only foist ads on you. Put differently, instead of keeping you safe from pests that are banking Trojans, ransomware and other threats, many of the fake security apps will apparently only pester you with unwanted ads, all in the name of easy revenue for the developers.


Indeed, some of the products are already detected, at the very least, as “potentially unwanted applications” by at least some reputable mobile security solutions and are likely to be booted by Google from the Android store soon.

In many cases, the apps’ “malware-detecting functionality” resided in their comparing the name of a package for any given app against the AV apps’ respective whitelisted or blacklisted databases. This way of determining if a piece of software is safe or not, can, of course, be trivially easy to defeat by malware creators. Meanwhile for the user, it creates a false sense of security.
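The weakness of name matching described above can be seen by running a name-only check and a content-based check over the same apps. This is an added example, not code from AV-Comparatives or from any tested product; the package names, certificate bytes and sample bytes are constructed placeholders, and the two checks (signer pinning and exact digest matching) are assumptions chosen as a simple baseline.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class InstalledApp:
    package: str        # package name, chosen freely by whoever built the app
    signer_cert: bytes  # signing certificate bytes (constructed placeholder)
    code: bytes         # application code bytes (constructed placeholder)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed stand-ins; none of these are real certificates or samples.
VENDOR_CERT = b"constructed-certificate-of-the-legitimate-vendor"
OTHER_CERT = b"constructed-certificate-of-an-unknown-signer"
KNOWN_BAD_CODE = b"constructed-bytes-standing-in-for-a-known-bad-sample"

# What a name-matching "scanner" holds: lists of package names only.
NAME_ALLOWLIST = {"com.example.bank"}
NAME_BLOCKLIST = {"com.example.badapp"}

# What a content-based check holds: properties the publisher cannot relabel.
PINNED_SIGNERS = {"com.example.bank": sha256_hex(VENDOR_CERT)}
BAD_CODE_DIGESTS = {sha256_hex(KNOWN_BAD_CODE)}


def name_only_verdict(app: InstalledApp) -> str:
    """Verdict from the package name alone, as the tested apps did."""
    if app.package in NAME_BLOCKLIST:
        return "malicious"
    if app.package in NAME_ALLOWLIST:
        return "clean"
    return "unknown"


def content_verdict(app: InstalledApp) -> str:
    """Verdict from the code digest and the signing certificate."""
    if sha256_hex(app.code) in BAD_CODE_DIGESTS:
        return "malicious"
    pinned = PINNED_SIGNERS.get(app.package)
    if pinned is not None:
        # A trusted name counts only when the expected signer produced the app.
        return "clean" if sha256_hex(app.signer_cert) == pinned else "suspicious"
    return "unknown"


def sample_apps() -> list:
    """Four constructed apps covering the agreeing and disagreeing cases."""
    return [
        InstalledApp("com.example.bank", VENDOR_CERT, b"genuine-app-code"),
        InstalledApp("com.example.bank", OTHER_CERT, b"ad-displaying-code"),
        InstalledApp("com.example.badapp", OTHER_CERT, KNOWN_BAD_CODE),
        InstalledApp("com.example.flashlight", OTHER_CERT, KNOWN_BAD_CODE),
    ]


def compare(apps) -> list:
    """Return (package, name-only verdict, content verdict) per app."""
    return [(a.package, name_only_verdict(a), content_verdict(a)) for a in apps]


if __name__ == "__main__":
    for package, by_name, by_content in compare(sample_apps()):
        print(f"{package:24} name-only={by_name:10} content={by_content}")
```

The second and fourth rows are where the name-only verdict gives the false sense of security the article mentions: the name says "clean" or "unknown" while the signer or the code digest says otherwise.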


The fact that many ad-slinging apps are disguised as security solutions may not be a revelation for you. After all, ESET malware researcher Lukáš Štefanko warned early in 2018 about dozens of apps that professed to protect users from malicious code, but were instead only vehicles for displaying ads.

Meanwhile, a number of products that scored poorly in the test were deemed to be the work of what AV-Comparatives called “hobby developers”. Rather than focus on producing quality security software, these software makers apparently produce a variety of apps that are only designed to generate ad revenue for them. Still other developers “just want to have an Android protection app in their portfolio for publicity reasons”, wrote the AV testing outfit.

In addition, user ratings and/or download numbers are not necessarily something to go by. “Most of the 250 apps we looked at had a review score of 4 or higher on the Google Play Store. Similarly, the number of downloads can only be a very rough guide; a successful scam app may be downloaded many times before it is found to be a scam,” wrote AV-Comparatives, adding that the ‘last updated’ date isn’t a reliable indicator, either.


All told, the results can be understandably disheartening. On the other hand, they’re another reminder of the need to stick to reputable products with proven track records in mobile security.

CYBER ESPIONAGE ACCUSATIONS AGAINST CHINA

IN BRIEF: Australia, the United States and the United Kingdom have blamed China for involvement in cyber espionage in their countries and in allied countries. The accusations state that China was involved in the theft of confidential business information from governments and technology companies.
---------------------------
I have explained several times the new and dangerous direction of cybercrime, warning about cyber warfare and cyber espionage, in which major nations are now investing more in the use of technology to harm and intrude on other nations online.

China's APT-10 group has been accused by the United Kingdom and the United States of intruding into about 45 technology companies, the records of about one hundred thousand US Navy personnel, and various computers belonging to NASA.

Zhu Hua and Zhang Shilong, who are Chinese nationals, have been charged by the United States with carrying out cyberattacks on behalf of the Chinese Ministry of State Security. The US Deputy Attorney General, Mr Rod Rosenstein, described the accusations.

China has denied involvement in the accusations made against it by the United States and the United Kingdom, while calling on the United States to release its two citizens. The effects of the alleged activity are said to have reached about 12 other countries, including Brazil, Japan, France, Canada and others.

Furthermore, there have been similar accusations from one nation against another, with nations such as Russia, North Korea, the United States, the United Kingdom and China being named most often as engaging in cyber espionage, while those nations appear to be increasing their strength and building up a large capability to carry out cyberattacks against other nations.

Alongside this, we have seen strong growth in companies offering cybercrime services such as “Malware-as-a-service”, “Ransomware-as-a-service” and “Cyberattacks on demand”, which has led cybercrime to keep gathering pace in many parts of the world.

Recently, the US Federal Bureau of Investigation (FBI) shut down several companies involved in providing cyberattack assistance services to their customers.

The FBI said the companies that were shut down had been involved in services for attacking financial institutions, schools, government agencies, internet service providers and so on.

critical-boot.com, ragebooter.com, downthem.org, and quantumstress.net are just some of those hit by the wave of shutdowns carried out by the FBI after a major operation against companies involved in cybercrime services.

Furthermore, during this end-of-year holiday season, statistics have been showing that cybercrime is growing fast, and we have been witnessing many cybercrime incidents leading to large losses of money and of data belonging to individuals and various companies.

Taking an example from our East African nations: in Kenya, according to statistics released by the “Communications Authority of Kenya (CA)”, more than 3.8 million cybercrime incidents were identified in a period of just three months. Detailed information on this has been published by Kenya's "STANDARD MEDIA".

Let me take this opportunity to advise greater care when using the internet, especially online banking services, and further strengthening of the protection of our online systems in order to reduce the size of the problem.

U.S SENATORS URGE FTC TO INVESTIGATE SMART TV PRIVACY CONCERNS



IN BRIEF: Two US senators Edward Markey (D-MA) and Richard Blumenthal (D-CT) have sent a letter to the Federal Trade Commission (FTC) requesting the agency to investigate smart TV makers amid fears and evidence that companies might be using devices to collect data and track users without their knowledge.

----------------------------------------------------

The open letter says that while smart TV advancements have "ushered in a new era of innovation and interactivity," they must not come at the expense of consumer privacy. "Televisions have entered a new era, but that does not mean that users' sensitive information no longer deserves protection," the senators said. "The content consumers watch is private, and it should not be assumed that customers want companies to track and use information on their viewing habits."

They said that any company that collects this type of information should have to "comprehensively and concisely detail who will have access to that data, how that data will be used and what steps will be taken to protect that information," and added that consumers should have the opportunity to consent to that sort of data collection.

Senators Edward Markey  and Richard Blumenthal
TO JUSTIFY THEIR ALARMING LETTER.

The two senators cited a recent New York Times report about Samba TV, a vendor of smart TVs. According to the report, while Samba tells users and lets them decide whether to enable data collection for analytics purposes, it does not inform customers of the real depth of the collected data, which includes much more information than users believe they are agreeing to.

Recent reports suggest that Samba TV, one of the largest companies tracking smart TV users' viewing behavior, offers consumers the opportunity to enable their tracking service, but does not provide sufficient information about its privacy practices to ensure users can make truly informed decisions.

Reports also suggest that smart TVs can identify users' political affiliations based on whether they watch conservative or liberal media outlets – Regrettably, smart TV users may not be aware of the extent to which their televisions are collecting sensitive information about their viewing habits.

The two senators also noted that the FTC has taken action on this before, investigating Vizio for collecting viewing data on 11 million smart TVs without consumers' knowledge. Last year, the company settled with both the FTC and the New Jersey Attorney General, agreeing to pay $2.2 million in penalties and to delete data collected.

Another case, which was not cited by the two senators in their letter, is South Korean company Samsung. In February 2016, an EFF researcher spotted a change in the company's terms of service that warned customers not to speak personal information out loud near their smart TV because there was a danger the voice recognition feature would pick it up, send it, and store it on Samsung's servers.

Based on these previously documented cases, the two senators are now asking the FTC to start an industry-wide investigation into the data collection practices of smart TV vendors and get the ball rolling on privacy-boosting regulation for a sector they believe has been allowed to infringe on users' privacy rights.

"Regrettably, smart TV users may not be aware of the extent to which their televisions are collecting sensitive information about their viewing habits," write Senators Markey and Blumenthal. "Televisions have entered a new era, but that does not mean that users' sensitive information no longer deserves protection."


IS THIS THING NEW?


There’s nothing new about smart TV spying.

2012: Zero-day vulnerabilities in Samsung Smart TVs were exposed at the end of 2012; if exploited, attackers could gain control of the webcam and microphone.

2013: Smart TVs were called the perfect target for spying on users back in 2013 – the same year as a Black Hat presentation about hacking Samsung Smart TVs. It was not just exploits that allowed for spying as a scandal erupted about LG Smart TV spying in 2013.

2014: Philips TV was a victim as well. I wrote an article, which can be read HERE, showing how hackers could play around with Philips TV and how an individual can mitigate the challenge.

2015: Samsung took heat in 2015 for its privacy policy and its use of voice recognition – being able to record and listen in on what users were saying – it later came to light that the CIA had a Weeping Angel attack against Samsung Smart TVs back in 2014, making it possible to record conversations and send them back to a covert CIA server.
Also, in 2015, thanks to Smart Interactivity, Vizio was busy tracking what 10 million smart TV owners were watching and then selling that data to advertisers. Vizio was full of denials, but the FTC slapped Vizio for this. And in 2017, Vizio agreed to pay $2.2 million to settle charges by the FTC.

FACTS – SMART TV USER TRACKING IS REALITY

Many internet-connected smart TVs are equipped with sophisticated technologies that can track the content users are watching and then use that information to tailor and deliver targeted advertisements to consumers. By identifying the broadcast and cable shows, video games, over-the-top content like Netflix, and other applications that users are viewing, smart TVs can compile detailed profiles about users' preferences and characteristics.



Blumenthal and Markey have also recently pressed both Facebook and Google on their data policies. They have both also sought greater FTC oversight of Facebook following the Cambridge Analytica scandal.



AfICTA Board members during its 5th Board Meeting on June 6, 2018, have unanimously approved the proposal submitted by one of its stakeholders, CSK- Computer Society of Kenya to host the 6th Annual Summit in Mombasa, Kenya from October 8 - 9, 2018.

This important event was first hosted in Lagos, Nigeria in 2013. The Egyptian ICT industry association and the government of Egypt hosted the second edition in 2014. The third edition took place in Johannesburg. The 4th edition was hosted by the ICT Professionals Association of Namibia with the support of the Namibian Ministry of ICT, and last year's 5th edition was held in Nigeria by the ADD Consortium. Further details coming soon.


TAKE NOTE: Cybercriminals consider small businesses a "target of choice," and a vast number of owners may be leaving their websites and companies unnecessarily vulnerable to attack, a new report suggests. Training employees on sound cybersecurity practices is an integral part of protecting a business.

In a recent survey of 250 website owners, cloud-based security firm SiteLock found that 59 percent are responsible for their own website upkeep but only 41 percent update website applications at least once a month. Experts consider software updates vital to protecting computer systems.

Among other survey findings: Of owners who had experienced a security incident, 24 percent reported that it damaged their business reputation while more than 35 percent reported that it endangered their bottom line.

This may leave businesses with websites vulnerable to a variety of cyberattacks. It also begs the question, what other cybersecurity vulnerabilities are being left exposed? All too often, one of the weak links in the cybersecurity chain for corporations is employee awareness.



HOW BEST TO PROTECT CHILDREN'S ICT DEVICES

IN BRIEF: With the growth of technology and the connection of many things to the internet (IoT), many children's devices have become major victims of cybercrime. This has led to various steps being taken to protect children online. This article looks at how best to protect children's ICT devices.
-----------------------------------------

There have been several incidents in which devices used by children were intruded on online (hacked), with cybercriminals creating applications with the malicious aim of collecting children's photos and voices.

For example, the company V-Tech, which makes ICT devices for children, was hacked by cybercriminals, and a great deal of children's data ended up in the hands of cybercriminals.

The United Nations agency concerned with ICT (ITU) has had a well-known campaign to protect children online, Child Online Protection (COP), which has been reinforced by another campaign by cybersecurity professionals known as “Safer Internet Day”. Together they provide help, although there is every reason for parents to also take steps to protect their children online.

Reports show that many parents have been buying devices such as smart toys, baby monitors, and other play equipment (high-tech swings and play pads), all of them connected to networks.

It should be remembered that all these devices, while appearing to give children joy and to keep parents close to their children, also add a large risk of exposing children to cybercrime. We have continued to urge parents to be careful about these.

Many parents have been saying that these devices help them know the condition of their children (for example, the child's body temperature, the child's heartbeat and so on), while letting them watch their children closely through these modern devices even though they are far away. It is true that this is not a bad thing for a parent, since it is a comfort to know how their child is doing at all times, even when far away.

It should be known that cybercriminals have continued to intrude on these devices for various purposes. Some are simply tracking people's families, and the easy route is through these easily hacked devices; others are simply collecting children's data, which they have been misusing.

TIPS: How you can protect these children's devices against cybercrime.

Think before buying: Before a parent buys these devices, it is good to ask yourself some important questions. Do you need to have them, what effect do they have on the family's data, are you able to protect them, how far are they connected to the internet, who made them, and how much protection do they have?

Change the password that comes with the devices (default password): These children's ICT devices come with passwords that cybercriminals often already know or can easily obtain. If you have bought one, it is advised that you change those passwords and set other strong ones, which you then change regularly if the device allows, in order to protect the devices.

Buy these devices from reputable companies (known brand, with reputation): There have been many companies releasing devices and applications with the malicious aim of collecting children's data.

Furthermore, there are companies that have had weaknesses in protecting the devices they make for children. It is advised that you make sure you stay away from those kinds of companies, so that you do not find either that what you bought leads to the child's data (photos and voice) being misused, or that the company is hacked repeatedly, putting children's data at risk.

Update software: As with other software, when flaws are discovered the makers release updates that the user needs to apply to the devices they use so that they remain protected. For children's devices too, parents should make a habit of updating the software every time the makers of those devices release an update.

Switch off when not in use: When these devices are switched off, they reduce the opening for cybercriminals to hack or affect them, so it is advised that if you are not using a child's ICT device, you switch it off. This will help reduce the likelihood of hacking or of intrusion into the privacy of children and of the family as a whole.



RISING SHIELD AGAINST RANSOMWARE ATTACKS



IN BRIEF: Both Atlanta’s network and Roseburg schools suffered ransomware attacks recently. These are two examples among many ransomware attacks facing organisations across the globe. This article provides three basic pieces of advice on how individuals and organisations can fight ransomware attacks.
--------------------------------------------

Early this year 2018, Secureworks published a report titled “SamSam Ransomware Campaigns,” which noted that the recent attacks involving SamSam have been opportunistic, lucrative and impacted a wide range of organizations.

On March 22 this year (2018), employees of the city of Atlanta (GA) were ordered to turn off their computers to stop a virus from spreading through the network and encrypting data. A cybercriminal group demanded that the city pay it about $51,000 in bitcoins, a cryptocurrency that allows for anonymous transactions online.

Federal agents advised the city not to pay the ransom because paying would not guarantee a solution to the city’s problem. The city then refused to pay the ransom to the cybercriminals.



Following the attack, the city hired Secureworks, a Dell subsidiary, who has emerged as an early authority on the cyber-criminal group, “Gold Lowell.” That group is being blamed for a rash of cyber-attacks involving a variant of SamSam, the type of ransomware that struck Atlanta.


The total cost of the attack has yet to be calculated. But emergency contracts posted on the city’s procurement website have a combined not-to-exceed amount of about $5 million, said Chief Operating Officer Richard Cox.

The city's recovery from the ransomware attack is ongoing; the municipal court is the only department whose computers haven’t been brought back online. “We are in testing right now,” Cox said, adding that he expects them to be operational in about 10 days.

The other incident took place in Roseburg, Ore. The Roseburg Public School's computer system suffered a ransomware attack earlier this month, freezing access to the district's email system, website and business and accounting software.

District officials say employee information was not accessed, but they don't know how much data they'll be able to get back.

"They don't hold out a lot of hope that they will be able to prosecute them, and they made it very clear to us that they couldn't help us recover our data," said Gerry Washburn, the Roseburg Schools Superintendent.

The FBI advised the district not to pay the ransom to recover the data. The district regained access to its email this week and plans to have its website back up as early as next week.

The Federal Bureau of Investigation (FBI) is now investigating the incident.



ADVICE: IMPROVING CYBERSECURITY.

There are a number of things one can put in place to improve cybersecurity. I will emphasize three among many, as follows.

Regularly update your operating system

Your operating system or OS is central command for your desktop, laptop, or smartphone. It’s the Captain Kirk of your devices. Unsurprisingly, it’s a prime target for hackers. Access to your OS means cyberthieves “have the conn” to your computer. They can download, install, and otherwise exploit your workstations. Taking control is how hackers steal your data.

Regularly updating your OS applies critical security fixes to your Windows, Mac, or Linux software. Make your work life easier by setting up automatic updates to your OS. With this simple adjustment to your work habits, you’ll “boldly go where no one has gone before” with your cybersecurity skills.

Get antivirus software – From reputable sources.

You can do the most to protect your employer by installing antivirus software, which protects work devices from phishing emails, spyware, botnets, and other harmful malware. But first, talk to your employer about getting comprehensive cybersecurity solution. For your personal devices, consider getting your own antivirus software. Most major antivirus brands offer free downloads of basic plans.

Just like any of your work projects, cybersecurity is a team effort that needs everyone to contribute. These five cybersecurity tips for the workplace are just a jumping-off point for your overall improvement. You now have the basics covered. Expand your cybersecurity arsenal with additional cybersecurity tips and online resources. Make sure you’re doing your part and everyone at work will benefit.



Back up your data regularly

Ransomware is on the rise, affecting businesses of every size and type. Enterprising cybercriminals hack into computers, encrypt the data inside, and hold it for ransom. It’s a lucrative practice that costs employers millions every year. But regularly backing up your employer’s data takes away the profit incentive.

Use both a physical and cloud-based drive for backups. If one drive is hacked, you’ll have the other available. Most backups to the cloud sync your data automatically and let you choose which folders to upload. Talk with your employer about which files need to be backed up and which can remain locally stored. Set up a regular maintenance schedule to review your backup plans.


MAABARA YA UCHUNGUZI WA MAKOSA YA DIGITALI



KWA UFUPI: Andiko hili litaangazia walau kwa mukhtasari mambo muhimu ya kuzingatia wakati wa kuanzisha/ Kujenga maabara ya uchunguzi wa makossa ya digitali itakayo weza kufanikisha uchunguzi wa makossa hayo.
-------------------------------------------

Maabara ya uchunguzi wa makossa ya digitali situ inahitajika katika ngazi ya kitaifa bali pia makampuni yanaweza kuwa nayo ili kuweza kutafuta majibu ya uhalifu mtandao unaoweza kujitokeza.

Mataifa mengi yamejielekeza kwenye kujenga na kuongezea nguvu/uwezo  maabara maalum za uchunguzi ma makossa ya digitali – Nilipata kuzungumzia kwenye andiko linalosomeka “EGYPT LAUNCHES NEWDIGITAL FORENSICS LAB”  hatua ya Nchi ya misri kuzindua maabara ya kisasa ya uchunguzi wa makossa ya digitali.


Hii ni kutokana na ukuaji wa ufanyikaji wa makossa hayo yanayo hitaji umakini wa hali ya juu kuweza kuyachunguza na kupata majibu stahiki. Swali kuu ni ufahamu kiasi gani wahusika wako nao wa kujua mambo yanayo takiwa kuzingatiwa wakati wa kuazisha maabara hizi?



Mambo yafuatayo ni kwa uchache tu kati ya mengi ya kuzingatia wakati wa kuanzisha maabara maalum yenye kazi ya uchunguzi wa kitaalam wa makossa ya digitali.

PHYSICAL LOCATION: Care is needed when choosing where this specialized laboratory will be located. The location must be close to essential emergency services, have electrical power, and have controls that prevent anyone from easily entering the laboratory.

In addition, a digital forensics laboratory has two areas for investigative work. One is connected to the network and is used for research and other tasks that need network access; the second is not connected to the network and is, in essence, the one used for the digital forensic examination itself.

Likewise, there must be an open area inside that can be used for interviewing suspects during an investigation and for investigators' discussions and meetings.

GENERAL CONFIGURATION: The laboratory should have equipment that keeps power available during outages (a UPS), network service, essential investigation software, secure places for storing exhibits (safe lockers), shelves for storing other equipment, and shelves for the laboratory's reference books.

In addition, it needs equipment such as a forensic computer (forensics tower), a printer, the various essential cables, additional hard drives, and other important tools that can help depending on the type of investigation the laboratory performs.

ESSENTIAL SOFTWARE: A forensics laboratory is expected to have software such as Windows OS, Linux / Unix / Mac OS X / iMac operating systems, EnCase, FTK, and other programs that support investigation, for example R-drive, SafeBack and others that can help produce findings in a digital crime investigation, depending on the type of investigation you expect to carry out.

PHYSICAL SECURITY RECOMMENDATIONS: It is advised that the laboratory have only one door for entry and exit, that its windows not be opened, and that there be a log book or a system that records everyone who enters the laboratory; if possible there should be a system or device that raises an alert when someone enters covertly (an intrusion alarm system).

In addition, the lockers for storing evidence should be in areas not easily reached by unauthorized people (a restricted area, only accessible to lab personnel) and kept under close watch, and the lockers should be locked when not in use.
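The physical-security recommendations above call for a log book of everyone who enters the lab and for controlled evidence lockers. As an added example (not part of the original article), the Python code below keeps such a log book in tamper-evident form: each entry carries the SHA-256 of the previous entry, and an exhibit is hashed at check-in so later alteration can be detected. The class, field names, exhibit ID and sample entries are constructed for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # "previous digest" used by the very first entry


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def _entry_digest(body: dict) -> str:
    # Canonical JSON so the same entry always produces the same digest.
    encoded = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return sha256_hex(encoded)


class CustodyLog:
    """Append-only lab log book; every entry commits to the one before it."""

    def __init__(self):
        self.entries = []

    def append(self, timestamp, person, action, item_id, item_sha256=None):
        body = {
            "seq": len(self.entries),
            "timestamp": timestamp,
            "person": person,
            "action": action,            # "enter_lab", "check_in", "check_out"
            "item_id": item_id,          # exhibit label, or None for lab entry
            "item_sha256": item_sha256,  # hash of the exhibit at check-in
            "prev": self.entries[-1]["digest"] if self.entries else GENESIS,
        }
        entry = dict(body, digest=_entry_digest(body))
        self.entries.append(entry)
        return entry

    def verify(self):
        """Return the index of the first inconsistent entry, or None if intact."""
        prev = GENESIS
        for i, entry in enumerate(self.entries):
            body = {k: v for k, v in entry.items() if k != "digest"}
            if (body["seq"] != i or body["prev"] != prev
                    or _entry_digest(body) != entry["digest"]):
                return i
            prev = entry["digest"]
        return None

    def check_item(self, item_id, current_bytes):
        """True if the exhibit still matches the hash recorded at check-in."""
        for entry in self.entries:
            if entry["item_id"] == item_id and entry["action"] == "check_in":
                return sha256_hex(current_bytes) == entry["item_sha256"]
        raise KeyError(item_id)


def demo():
    # Constructed sample data: a stand-in for a disk image and three log entries.
    image = b"constructed disk image bytes"
    log = CustodyLog()
    log.append("2018-05-02T09:00:00Z", "examiner-A", "enter_lab", None)
    log.append("2018-05-02T09:05:00Z", "examiner-A", "check_in", "EXH-001",
               sha256_hex(image))
    log.append("2018-05-02T11:30:00Z", "examiner-B", "check_out", "EXH-001")

    intact = log.verify()                                # chain as written
    unchanged = log.check_item("EXH-001", image)         # exhibit untouched
    altered = log.check_item("EXH-001", image + b"\x00")  # one byte appended

    # Someone later rewrites who checked the exhibit out.
    log.entries[2]["person"] = "examiner-A"
    tampered_at = log.verify()
    return intact, unchanged, altered, tampered_at


if __name__ == "__main__":
    print(demo())
```

A hash chain only exposes edits to earlier entries if the latest digest is also recorded somewhere the editor cannot reach, for example written and signed in the paper log book.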

FACEBOOK REMOVES MALICIOUS ACCOUNTS



IN BRIEF: Facebook Inc has removed several malicious accounts and pages that advertised and sold social security numbers, addresses, phone numbers, and alleged credit card numbers of dozens of people, and it will continue to do so as needed.
----------------------------------------

A Facebook spokesman gave assurances that posts containing information such as social security numbers or credit card information are removed from Facebook when the company becomes aware of them.

Facebook has also deleted almost 120 private discussion groups of more than 300,000 members, after being alerted by a report from journalist Brian Krebs that the groups flagrantly promoted a host of illicit activities, including spamming, wire fraud, account takeovers, and phony tax refunds.

The biggest collection of groups banned were those promoting the sale and use of stolen credit and debit card accounts, and the next largest collection included those facilitating takeovers of online accounts such as Amazon, Google, Netflix, and PayPal.

A Google search still pulls up a few public Facebook posts that offer to sell personal details including credit card numbers.


Hackers have advertised databases of private information on the social platform, and Facebook has held stolen identities and social security numbers for years.

It is reported that at least some of the data in these posts appeared real: the first four digits of the social security numbers, names, addresses, and dates of birth were confirmed for four people whose data appears in a post from July 2014.

Tech companies are under intense scrutiny about how they protect customer data after Facebook was embroiled in a huge scandal where millions of users’ data were improperly accessed by a political consultancy.

KEEP PERSONAL INFORMATION SAFE ON SOCIAL MEDIA


The big question most people ask is: who is responsible for protecting one’s privacy? It should be known that everyone is responsible for protecting his or her own privacy.

How do you do that? 
Treat the “about me” fields as optional.
Know the people you friend.
Become a master of privacy settings.
Create strong, private passwords.
Create and use an “off-limits” list.
Always log out when you’re done.
Limit or deny access to third-party applications.
Get Alerts on Suspicious Activity. 




FACEBOOK F8 DEVELOPER CONFERENCE

It is shaping up to be the biggest Facebook event ever, with 5,000 developers flying in from around the world. They will hear exciting news about the company's plans to advance on many fronts, from artificial intelligence to virtual reality.

They'll also get the chance to interact with the senior team, and to find out how they can profit from this very powerful platform.


Last year, Mark Zuckerberg filled his F8 keynote speech with cool demos about augmented reality. For this year's F8, he said he is going to share more about the work Facebook is doing to keep people safe, and to keep building services to help individuals connect in more meaningful ways.



KENYA: ICT LEADERS MEET

IN BRIEF: Heads of ICT departments have met to discuss challenges and the best ways to resolve them, in sessions that have just concluded in Kenya.
-------------------------------

Policy makers and lawmakers have been making ICT decisions without involving ICT stakeholders. This has been one of the challenges that creates conflict with practices that would benefit ICT practitioners in many parts of Africa.

The discussion on the importance of regulating and overseeing practitioners in the ICT sector was seen as a good one, but it is clouded by several challenges arising from the limited involvement of stakeholders in bringing change to the sector.

This discussion took place following a new policy in Kenya that will formalize ICT practitioners and require them to be recognized before they can serve in various areas. This will resemble what we have in Tanzania for lawyers and for professionals in several other fields.

What is expected in formalizing the ICT sector, so that an ICT practitioner is recognized and can serve in the sector, includes passing through three main steps: study, interview, and being issued a licence to provide services in the sector.

One challenge identified is the possibility of killing the talent of ICT innovators who have been coming up with useful innovations without having formal qualifications in the sector.

We have seen young people who studied fields other than ICT later come up with good ICT systems that solved various challenges in our communities, unlike others who studied the field itself and failed to be innovators who bring change to our societies.

There are systems in use in many places whose creators had no formal education in the ICT sector. The main question, moreover, is whether the use of ICT has become something that requires formal education, when every sector depends on ICT and anyone skilled in any field may be able to do well with ICT systems.



GDPR (General Data Protection Regulation): The countries of the European Union expect to begin applying the GDPR officially at the end of May this year, 2018. The main goal is to protect the privacy of their citizens.

This step may affect many parts of the world, Africa included, because we continue to do business with and serve European Union countries, which involves information about EU residents being held by us.

There was a weighty discussion of what to expect in our institutions, especially financial ones, once the European Union officially begins applying the GDPR, and of the best way to protect the privacy of users of ICT systems in our institutions so as to avoid what we could face after the GDPR officially comes into use in Europe.

CSIRT (Computer Security Incident Response Team): We have had a challenge regarding the presence of dedicated units for responding to cybercrime incidents in various institutions and companies. This stems from limited understanding of the importance of these dedicated units, whose role is to deal with cybercrime.

The importance of a CSIRT, how to establish one, and its responsibilities in every company and institution was a discussion I led, to make sure everyone understands this.

Cybercrime incidents in our nations that lead to loss of money, loss of information, system intrusions and so on have been occurring frequently, leaving a major impact on government and private institutions in many parts of the world.

It is the duty of every institution and company to know that it is responsible for protecting itself against cybercrime, and the only way to get there includes having a dedicated unit responsible solely for cybersecurity, so that the unit can ensure cybersecurity is in place.

In addition, there were many other discussions, all aimed at ensuring we recognize the right way to deal with the many challenges arising from the heavy use of ICT systems that make work easier in various institutions and companies.

MOROCCO TO HOST CYFY AFRICA 2018



IN BRIEF: Morocco will host this year's CyFy Africa, where experts and practitioners from around the globe are expected to discuss the future that technology holds for the continent. CyFy Africa comes at a time when the world’s attention is centered on Africa’s rise towards becoming the next digital superpower.
----------------------------------------

Cyber Security and Global Stability; Data Security; Securing the Future of Africa’s Mobile Market; and A Normative Framework for African Cyberspace: Lessons from the AU Convention on Cybersecurity and Personal Data Protection (AUCC) are among the key agenda items that will be discussed during this year's event.

Other agenda items are Human Rights in the Digital Age; The Future of Entertainment; Online youth investment: Successes, opportunities and challenges; and Internet Capacity Building for Development.



I expect to join other cybersecurity experts and practitioners to address delegates during the CyFy Africa 2018 event.
-----------------------------
NEWS UPDATES: The JUTA Cyber Crime and Cyber Security Bill Pocket Book will be launched during the Lex-Informatica Annual SA Cyber Law & ICT conference 2018 in Johannesburg, South Africa. The theme of the event is “Cyber Law in ICT Review”.
I’ll be joining other experts to discuss and enlighten delegates on key issues people are facing in the world through topics like Cyber Crime, Cyber Security, Digital Forensics, Data Breach, Data Protection, Social Media Law and POPIA, to mention a few.
-----------------------------


In a few short years, African nations have already made the leap from responsive adaptation of imported technology to pioneering innovation across a host of digital service sectors such as finance, agriculture, education, and health.



The ascent of the ‘Silicon Savannah’ is evident from the emergence of hundreds of innovation hubs, technology related enterprises, and the heavy infusion of venture capital across the continent.

As the experience with the African Union Convention on Cybersecurity and Data Protection shows, the African Union (AU) allows the continent to put forth an African proposition on the digital space. Additionally, the continent has made great strides towards digital integration with the advent of the One Area Network initiative. The massive rollout of fibreoptic cables across the length and breadth of the region has catalysed the creation of scores of young tech entrepreneurs, who are eager to reap digital dividends.


Indeed, it is only a matter of time before the world’s most important innovations flow out of Africa. Structured around the broad themes of connectivity, digital inclusion, security, innovation and trade.

TASKRABBIT ADMITS IT WAS HACKED

IN BRIEF: TaskRabbit has become a victim of cybercrime, IKEA has confirmed. This continues a run of applications and other online services being breached by cybercriminals, leaving people's information in unsafe hands.
---------------------------------
TaskRabbit, founded in 2008 by Ms. Leah Busque with the aim of providing informal employment to people, was acquired by IKEA in 2017. It has been operating independently within the group of companies owned by IKEA.

The application has been used mostly by residents of the United Kingdom and other areas to find informal work such as domestic work, gardening and the like. The application, and online services similar to it, have been collecting information from job seekers and from those looking for people to do such work for them.

Discussion among cybersecurity professionals has noted that a great deal of customers' personal information has been collected and has now fallen into the hands of cybercriminals. The application and the website have been shut down temporarily following this incident.

The UK's communications commissioner has acknowledged being aware of the incident and said they are following it closely. Meanwhile, TaskRabbit has so far declined to clarify the facts of the incident, while it is estimated that the breach has had a large impact and may have gone on for some time.

The company has said it is conducting a thorough investigation following the incident, while asking its customers to change their passwords and promising to provide more information on further impact once the investigation is complete. It has also assured customers who were unable to do their work because of the faults that led to the temporary shutdown of the service that they will be compensated.


WHAT IS THERE TO LEARN?

APPLICATION OWNERS: There has been strong emphasis that those who provide online services, including applications, must ensure they are prepared to protect their customers' information before they start offering services.

In addition, because of the large wave of cybercriminals inserting unsafe code into applications without the owners' knowledge, we have issued new guidance to ensure owners protect their customers and users, and that if cybercriminals do cause harm, the one held accountable is the owner.

Recall the Uber incident, in which that popular ride-finding application found itself in trouble after leaving an opening for cybercriminals to insert unsafe code, which led to millions of records of its users' information falling into the hands of cybercriminals.

APPLICATION USERS: First of all, every user of any application needs to recognize that they are responsible for knowing how their privacy is protected by that application.

There have been various steps that we have been taking to ensure people's personal information stays safe, but it is also the user's responsibility to follow the instructions we give.

For example:
-         Before downloading and installing an application on your phone, is there a need for it? Is it really necessary to have it?
-         Do you know the application you use well, especially what it takes from you before providing you with a service?
-         Do you grant the application access to only a little information, or do you give it much more information, putting your privacy at risk?
-         Do you use strong passwords and change them regularly to protect yourself?

Despite the great efforts we continue to make, the major challenge has been that users have little understanding of how to protect themselves, which leads to incidents in which people's privacy is put at risk as cybercrime continues to grow in many parts of the world.




EGYPT LAUNCHES NEW DIGITAL FORENSICS LAB



IN BRIEF: The Government of Egypt has announced that it is setting up a specialized digital forensic lab for Intellectual Property as part of its enforcement schemes of combating software piracy.

---------------------------------------

The new lab, the first of its kind in the MENA region, is mainly designed to resolve business software and internet-based piracy cases. It authentically recovers data from digital devices and unearths new fraud techniques.


The latest measures applied aim to enhance the investigative capabilities and ease the digital forensic evidence acquisition, analysis, and reporting.


The cutting-edge techniques and latest technologies employed in the lab devise a road-map for judges, prosecutors, and lawyers. The practiced procedures enable them to distinguish the counterfeit products from the genuine and manage the intellectual property and digital piracy issues at hand.

The Information Technology Industry Development Agency (ITIDA), which develops the IT industry in Egypt, hosts the lab at its premises. The agency is the executive IT arm of the Egyptian ICT ministry and enforces IPR related to software products and databases.

“Over the last couple of years, ITIDA’s IPR office has undertaken comprehensive actions to increase IP enforcement with all the stakeholders like the economic courts; i.e., judges and prosecutors, police officers, and copyright owners,” said Dr. Mohamed Hegazy, Egypt’s IPR Office Manager.

Aiming at developing the necessary skills, the fully dedicated IPR office has delivered extensive training and capacity-building programs in legal, technical and practical aspects during 2017 to more than 900 police officers, 97 journalists from the National Broadcasting Authority, 125 employees from different software companies, in addition to 473 judges and prosecutors in the economic courts.



-------------------------------
UPDATES: I took part in the recently concluded “Intelligence strategies & crime prevention for law enforcers” meeting held in South Africa. Among other things, I emphasized search warrants, chain of custody, documenting everything during a forensic investigation, and proper handling of digital evidence.
Digital evidence, by its very nature, is fragile and can be altered, damaged, or destroyed by improper handling or examination - this may render it unusable or lead to an inaccurate conclusion.
-------------------------------

“We are committed to sustaining our success in combating IP infringement and expanding IP rights. The launch of this lab enables us to achieve our targets.” “Only in 2017, we have delivered technical expertise reports of 96 cases to the economic courts, registered 203 computer software programs and issued 267 licenses for the first time,” Hegazy added.

According to the latest BSA-IDC Global Software Piracy Study in 2016, the Egyptian piracy rate reached 61%, a ratio lower than most competing countries and leading global outsourcing locations including Morocco (65 percent), the Philippines (67 percent) and Vietnam (78 percent).

The Cabinet is preparing a data protection and privacy law draft. It has already agreed on cyber-crime law and awaits the Parliament’s approval to be enacted, according to Egypt’s state media.

Egypt is currently undergoing an unprecedented phase of development in all fields, which is largely attributed to sound policies, monetary reforms, and global partnerships.

With the sustained momentum that Egypt is gaining in the area of tech innovation and startups ecosystem maturity, the Egyptian government represented by the Ministry of ICT has put its free and open software strategy into action in 2016.

The newly adopted policy represents a paradigm shift in intellectual property rules as it provides an alternate software-licensing model while developing a healthy eco-system for software production and innovation.

RUSSIA DENIES CYBER-ATTACK ON GERMANY

IN BRIEF: Network systems in some German government ministries were hit by an intrusion that led to the theft of some information, and some media outlets have accused Russia of the cyber-attack. Germany's minister for economic affairs, for her part, said they are not certain that Russia was involved in the attack. Russia, meanwhile, has denied involvement in the attack.
------------------------------------------

Major nations with cyber capabilities have been accusing one another whenever cyber-attacks occur against them. Russia, China and North Korea have been accused most often by European nations and the United States.

---------------------
NOTICE: Tanzania's ICT Commission has held its first meeting dedicated to discussing cybersecurity matters in the country, at which many issues were examined; the main goal has been to ensure we achieve a nation that is secure online.
---------------------

Germany was recently hit by a cyber-attack on, so far, two of its ministries, which led to some of those ministries' information being lost to cybercriminals.

German members of parliament have blamed the government for not telling them about the cyber-attacks, while the German parliament's committee on digital affairs sat in emergency session to review information on the intrusion, which was discovered at the end of February this year, 2018.

One member of the digital committee, Anke Domscheit-Berg of the left-wing party Die Linke, said the German government should have known about these cyber-attacks early and contained them.

The German news agency DPA quoted unnamed security sources as saying that the Russian group APT28 had breached the communication systems of Germany's foreign and interior ministries and succeeded in stealing information.

The agency says the attacks were discovered in December last year and may have been going on for a whole year.

Thomas de Maiziere, Germany's Minister of the Interior.
Following the report, the interior ministry confirmed that federal government computers had been breached, saying that the attacks took place in areas unrelated to state secrets and that they had been contained.

However, the ministry's spokesperson could not give further detail on the matter, saying it is under investigation and that security measures continue to be taken.

But according to German media, the intrusion was allowed to continue until February 28 this year, 2018, so that investigators could gather information on its scope, its aims and the perpetrators themselves.

"If it proves to be true, this will be a form of warfare against Germany," said the head of the German parliament's committee on digital affairs, Dieter Janacek, of the environmentalist party Die Grüne, according to the newspaper Berliner Zeitung.
Janacek described the attacks as extremely serious, and called on the government to bring all the information it has before parliament.

The first cybersecurity sessions organized by the ICT Commission in Tanzania.

Asked whether the attacks were carried out by a group backed by Russia, a member of parliament from Chancellor Angela Merkel's CDU/CSU alliance defended the government's strategy of withholding information. Stephan Mayer of the CSU said a "full and thorough investigation" was needed "but not one conducted in public." The MP added that "suspecting others wrongly cannot help the investigation".

The group APT28, sometimes called Fancy Bear, which is linked to the Russian military's intelligence service, has previously been named as involved in cyber-attacks against the German parliament in 2015 and also against offices of the NATO defence alliance and governments in eastern Europe.

Brigitte Zypries, Germany's Minister for Energy and the Economy.
Germany's minister for energy and the economy, Hon. Brigitte Zypries, has already spoken about this attack and said there is no evidence confirming that Russia was responsible.

Russia, for its part, has also denied involvement in the attack.


INVESTIGATION ON WINTER OLYMPICS CYBER-ATTACK HAS BEGUN



IN BRIEF: Following the cyber-attack on Winter Olympics, security teams and experts from South Korea's defence ministry, plus four other ministries, formed part of a taskforce investigating the shutdown.
----------------------------
The official Winter Olympics website was taken down after being hit by a cyber-attack (a denial-of-service, or DoS, attack), officials have confirmed.

The site was affected just before the beginning of the opening ceremony in Pyeongchang, South Korea.

Internal internet and Wi-Fi systems crashed at about 7:15 pm (1015 GMT) on Friday, though operations were restored about 12 hours later, Games organisers said.

However, a spokesman said that the International Olympic Committee would not be commenting on who might have been behind the incident.


"Maintaining secure operations is our purpose," said Mark Adams.
He added that the issue was being dealt with but that he was not aware who had carried out the attack.


Cyber-security teams and experts from South Korea's defence ministry, plus four other ministries, formed part of a taskforce investigating the shutdown.

RUSSIA RESPONDS

Prior to the Games, some cyber-security experts had expressed concern that countries like Russia and North Korea might try to target the event.


But the Russian Foreign Ministry has denied rumours that Russian hackers were involved.

"We know that Western media are planning pseudo-investigations on the theme of 'Russian fingerprints' in hacking attacks on information resources related to the hosting of the Winter Olympic Games in the Republic of Korea," the foreign ministry said.
"Of course, no evidence will be presented to the world."

There have been concerns for months that the Games and spectators could be targeted by cyber-attacks.

Earlier this month, the US Department of Homeland Security published a warning to travellers.

"At high-profile events, cyber-activists may take advantage of the large audience to spread their message," it said.

"There is also the possibility that mobile or other communications will be monitored."
The Pyeongchang Games are certainly not the first to be targeted by hackers.


In January, Konstantinos Karagiannis, BT's chief technology officer for security consulting, tweeted that during the 2012 London Olympics he and his team, "fought back quite a cyber-onslaught".

WARNING TO BANKS ABOUT ATM JACKPOTTING CRIME

IN BRIEF: ATM jackpotting has arrived in the United States, where it has caused major losses of money estimated to exceed one million dollars so far.
----------
There have been many kinds of cybercrime targeting ATMs, and they have been affecting many banks in many parts of the world.

African nations have already faced ATM crime challenges such as “card skimming”, in which cybercriminals have repeatedly been reported to forge ATM cards, leading to losses of money through ATMs.

Since 2014, other kinds of crime affecting ATMs have continued to emerge in various places. Recall that I once published a report that can be read here: TYUPKIN YATIKISA MASHINE ZA ATM (“Tyupkin shakes ATMs”).

When the source of that crime was discovered, guidance on how to protect against it was issued, which many banks did not heed. That led to the emergence of another type of crime, ATM jackpotting: in 2015 countries in Asia, Europe and South America were hit by the type known as Remote ATM Jackpotting (RAJ).

Further guidance was issued, and some countries took the cybersecurity of ATMs seriously, including acting on the guidance given.

Since last year, ATM jackpotting has continued to hit South American nations, though not on a large scale.

And this year, 2018, ATM jackpotting arrived in the United States, where it has caused major losses of money estimated to exceed one million dollars so far.



I take this opportunity to remind our banks of three main things for now.

One, AWARENESS EDUCATION – We have urged that extensive awareness education be carried out in financial institutions, including educating the employees of those institutions to recognize and protect themselves against attacks such as social engineering, key loggers, phishing and any other kinds that could lead to the bank being hit by ATM jackpotting and other types of crime.

In addition, education for users of ATMs and other banking systems should also be carried out.

Two, MONITORING SYSTEMS (implementation of monitoring tools) – Many companies involved in cybersecurity have been investing in producing systems that help track and identify any kind of indicators that could lead to any cybercrime in our institutions.

I urge financial institutions to make sure they take the necessary steps to deploy and strengthen such systems so that they help identify any indicators of cybercrime.

Three, ENDING THE USE OF WINDOWS XP IN ATMs – We have been saying this ever since it became apparent that the Tyupkin crime mostly affected ATMs that were running Windows XP. The call is that there is every reason for financial institutions to carry out an urgent operation to review all their ATMs and upgrade them by installing systems newer than Windows XP.

This is one of the trainings we have urged nations to take up in order to identify, prevent and defend against cybercrime. This training has begun to be delivered in many nations, including nations on the African continent.


“LEBANON IS BEHIND DATA-STEALING SPYWARE” – EFF UNCOVERED

A security bug that has infected thousands of smartphones has been uncovered by campaign group the Electronic Frontier Foundation (EFF).

Working with mobile security firm Lookout, researchers discovered that malware in fake messaging apps designed to look like WhatsApp and Signal had stolen gigabytes of data.

APPLE ADMITS IT IS AFFECTED BY “MELTDOWN” AND “SPECTRE”

The discovery of two major flaws named “Meltdown” and “Spectre”, which affect the computer component known as the “chip” and whose effect is to enable theft of information from network users, has taken a new turn after Apple admitted that its products, including Mac computers, iPhones and iPads, are affected too.

So far billions of computers, smartphones and tablets are affected by these flaws, and there is a danger that the information of billions of people could end up in the hands of cybercriminals if appropriate steps are not taken in time.

Various steps have already been taken to prevent major harm from the discovered flaws, including distributing patches to close the gaps found.

In addition, awareness education continues to be provided to end users in various nations so that they can take steps to fix these flaws in the affected devices.

Recall that last year flaws were discovered affecting Microsoft software, and users then failed to apply the fixes that Microsoft had issued, an event that resulted in the major cyber-attack known as “WannaCry”, in which more than one hundred and fifty nations were affected and billions in money went into the hands of cybercriminals.

With that in mind, it is seen as important this time to close these gaps, which have already been discovered, early, in order to avoid the large-scale theft of people's information that could occur if appropriate action is not taken.

Various companies have already taken steps to distribute patches and have asked users to act on them.

Some users have complained that, after fixing the discovered flaws, their computers' performance dropped. Apple has assured its users that this problem will not occur on its products.

The discovered flaws have not yet caused harm to users, although the major fear is that cybercriminals could use them to cause great harm in the future if they are not dealt with early.

The main warning given to those rushing to close this gap is to be careful, because cybercriminals have been found distributing “patches” that are not genuine and are intended to harm users.

In another development, Apple has stressed that the discovered flaws do not affect its watches, known as “Apple Watch”, and has also said that so far only the patch for Meltdown has been released, and that later, when ready, it will release another for Spectre.

Other companies, including Microsoft, have already released patches as a step in dealing with this challenge.

DEMANDS ON ETHICAL HACKERS ARE RAPIDLY GROWING

SINGAPORE: The Ministry of Interior and Defence (Mindef) will be inviting about 300 international and local hackers to hunt for vulnerabilities in its Internet-connected systems next year (2018), in a bid to guard against ever-evolving cyber threats.

From Jan 15 to Feb 4, these selected experts will try to penetrate eight of Mindef's Internet-facing systems, such as the Mindef website, the NS Portal and LearNet 2 Portal, a learning resource portal for trainees.

These registered hackers can earn cash rewards - or bounties - between $150 and $20,000, based on how critical the flaws discovered are. Called the Mindef Bug Bounty Programme, it will be the Government's first crowdsourced hacking programme.


This follows an incident earlier this year when Mindef discovered that hackers had stolen the NRIC numbers, telephone numbers and birth dates of 854 personnel through a breach of its I-Net system.

One of the systems being tested, Defence Mail, uses the I-Net system for Mindef and SAF personnel to connect to the Internet.

On Tuesday (Dec 12), defence cyber chief David Koh announced the new programme after a visit to the Cyber Defence Test and Evaluation Centre (CyTEC) - a cyber "live-firing range" where servicemen train against simulated cyber-attacks - at Stagmont Camp in Choa Chu Kang.

--------------------------------------------
UPDATES: “Ransomware assaults seem to be getting increasingly dangerous,” said Marty P. Kamden, CMO of NordVPN. “Besides, system administrators are not ready to protect their networks from more sophisticated breaches. We believe that attacks will only keep getting worse.”
--------------------------------------------

On the significance of the "Hack Mindef" initiative, he told reporters: "The SAF is a highly networked force. How we conduct our military operations depends on networking across the army, navy, air force and the joint staff.

"Every day, we see new cyber attacks launched by malicious actors who are constantly seeking new ways to breach our systems... Clearly, this is a fast-evolving environment and increasingly, you see that it is one that is of relevance to the defence and security domain."

The bigger picture is that cyberspace is emerging as the next battlefield, said Mr Koh, who is also deputy secretary for special projects at Mindef.

"Some countries have begun to recognise cyber as a domain similar to air, land and sea. Some have even gone so far as to say that the next major conflict will see cyber activity as the first activity of a major conflict," he added.



While there will be some risks in inviting hackers to test the systems, such as an increase in website traffic and the chance that these "white hat" hackers will turn over discovered vulnerabilities to the dark Web, measures will be put in place.

"(If) we can't even manage the increase in traffic, that in itself would be a vulnerability that we would need to address," said Mr Koh.

White-hat hackers are those who break into protected systems to improve security, while black-hat hackers are malicious ones who aim to exploit flaws.

The programme conducted by US-based bug bounty company HackerOne is expected to cost about $100,000, depending on the bugs found. But Mr Koh noted that this would be less than hiring a dedicated vulnerability assessment team, which might cost up to a million dollars.

Mr Teo Chin Hock, deputy chief executive for development at the Cyber Security Agency (CSA), said: "By embarking on a bug bounty programme, companies have the advantage of uncovering security vulnerabilities on their own by harnessing the collective intelligence and capabilities of these experts and addressing these vulnerabilities before the black hats do."


In a statement, he added that the CSA is currently in discussions with some of Singapore's 11 designated critical information infrastructure sectors which have expressed interest in exploring a similar programme for their public-facing systems.

Large organisations, such as Facebook and the United States Department of Defence, have embarked on similar initiatives with some success.

For instance, a similar Hack the Pentagon programme, also conducted by HackerOne, was launched by the US defence department in 2016. A total of 138 bugs were found by more than a thousand individuals within three weeks.

The initiative caps a year in which Singapore has been gearing up for the battlefront in cyberspace.


In March, it was announced that the Defence Cyber Organisation will be set up to bolster Singapore's cyber defence, with a force of cyber defenders trained to help in this fight.

TOWARDS THE END OF THE YEAR WE EXPECT MORE CYBER ATTACKS

Speaking to a special group in the ongoing sessions, I delivered a warning message alerting the public to approximately fifty million (50 million) attacks worldwide during the holiday season, costing between $50 and $5,000 per attack.

This expectation stems from the heavy use of the internet for purchase transactions during this holiday season, when many people around the world buy goods in large quantities online.

According to the cyber threat intelligence report presented by NTT Security, approximately one and a half million fraudulent websites designed to lure users are created every month, some of which last between four and eight hours before disappearing. This is an increase of 74 percent (74%) compared with the figures from six months ago.

Several important precautions that internet users should observe to at least reduce this wave of cybercrime are as follows:

Avoid using free Wi-Fi when making transactions online.

Be careful with the applications you download online; make sure they come from reputable and trusted sources.

Do not share your personal information online, including your password.

Make sure you use a strong password to protect yourself from hacking.

When you receive online messages that try to entice you with a gift and ask you to open attachments, do not open those attachments, because cybercriminals use this opportunity to spread viruses that can cause various kinds of harm, including online theft.

------------------------------------
NEWS BRIEF:
"In the first half of 2017, 1.9 billion data records were either lost or stolen through 918 cyber-attacks. Most of the attacks used ransomware, a malware that infects computers and restricts access to files in exchange for a ransom"
------------------------------------

Make sure the devices you use online (phone, tablet, computer and others) have up-to-date antivirus installed, and that you install patches as soon as they are released.

Make a habit of reviewing your bank statements, and when you see a transaction you do not recognise, report it immediately for further action.

------------------------------------
UPDATES:
"We have seen many incidents using anti-forensics tools and methods in an effort to erase signs of their presence and increase the time they are able to explore the network before they are detected, commonly known as “dwell time”."
------------------------------------

Meanwhile, Baroness Shields (adviser to the UK Prime Minister) has called on the country's members of parliament to stop immediately the habit of disclosing their passwords or giving them to their assistants.

Speaking to them, she said that if they see a need, their assistants will be given passwords of their own when assisting them in their work.

UK: NHS TO LAUNCH £20M CYBER SECURITY OPERATIONS CENTER

In recent years, most developed countries have been investing significantly in cyber defence and attack capabilities. The NHS is now spending £20m to set up a security operations centre that will oversee the health service's digital defences.

Among other measures, the NHS will employ "ethical hackers" to look for weaknesses in health computer networks, not just react to breaches. Such hackers use the same tactics seen in cyber-attacks to help organisations spot weak points.

--------------------------
UPDATES: The UK's Information Commissioner's Office states that organisations must take "appropriate" security measures to protect personal data and consider notifying the individuals concerned if there is a breach.
--------------------------

In May, one-third of UK health trusts were hit by the WannaCry worm, which demanded cash to unlock infected PCs.

In a statement, Dan Taylor, head of the data security centre at NHS Digital, said the centre would create and run a "near-real-time monitoring and alerting service that covers the whole health and care system".


The centre would also help the NHS improve its "ability to anticipate future vulnerabilities while supporting health and care in remediating current known threats", he said.

And operations centre guidance would complement the existing teams the NHS used to defend itself against cyber-threats.

NHS Digital, the IT arm of the health service, has issued an invitation to tender to find a partner to help run the project and advise it about the mix of expertise it required.

Kevin Beaumont, a security vulnerability manager, welcomed the plan to set up the centre. "This is a really positive move," he said.

Many private sector organisations already have similar central teams that use threat intelligence and analysis to keep networks secure.

"Having a function like this is essential in modern-day organisations," Mr Beaumont said.

"In an event like WannaCry, the centre could help hospitals know where they are getting infected from in real time, which was a big issue at the time, organisations were unsure how they were being infected".



In October, the UK's National Audit Office said NHS trusts had been caught out by the WannaCry worm because they had failed to follow recommended cyber-security policies.


The NAO report said NHS trusts had not acted on critical alerts from NHS Digital or on warnings from 2014 that had urged users to patch or migrate away from vulnerable older software.

GROWTH IN ICT USE INCREASES CYBERCRIME

Many countries have continued to invest in the ICT sector to simplify various services for their communities, including communications, health services, finance and even transport, where ICT is now used to a much greater degree than in past years.

---------------------
UPDATE: Apple has addressed a glitch that caused some iPhones to unexpectedly start auto-correcting the letter "i" to a capital "A" and a question mark.
--------------------

The emergence of what is known as the "Internet of Things (IoT)", in which essentially everything will be connected to the internet, is driving the continued growth of cybercrime, whose impact is expected to be greater than what we are used to.

During 2016/2017 we witnessed several cybercrime incidents in which many countries suffered heavy losses from cyber attacks.

--------------------
NEWS UPDATE: A group of researchers and private industry experts, along with DHS officials, remotely hacked a Boeing 757 airplane owned by the DHS that was parked at the airport in Atlantic City, New Jersey.
--------------------


The expectation is that in 2018 cyber attacks will have a greater impact because so many things are connected to the internet.

Speaking at the recently concluded sessions of ICT leaders, I outlined various cyber attacks across the financial, education and health sectors, various governments and even vehicles, where "Jeep" and "Volkswagen" cars are among the major victims of cybercrime.

In addition, I outlined the key points we agreed on earlier this year and included in publications on how to deal with the various types of incidents that occurred most often during 2016 – 2017.

--------------------
ALERT: Europol boss Rob Wainwright has warned that ransomware attacks now number as many as 4000 per day, with cybercrime operations large and sophisticated enough to threaten critical infrastructure.
--------------------

A LARGE NUMBER OF APPLICATIONS CONTINUE TO STEAL USERS' INFORMATION

In Tanzania, the use of ICT has continued to grow in various areas. This has continued to simplify access to essential services and to enable people to communicate easily.

Industries and various institutions have continued to use ICT to increase efficiency and reach many people in a short time. Financial transactions, tax collection and communications are just some of the things enabled by ICT in the country.

The security of ICT systems is one of the most important areas in which Tanzania should invest to protect itself against any kind of cybercrime that could make essential services unavailable and ultimately destabilise the country's economy.

-------------------
STATISTICS: Tanzania installed 27,000 km of optic fiber connecting all regions and it has 7 mobile operators – about 94% network coverage, 85% SIM penetration and 40% internet users.
-------------------
The annual general conference of ICT professionals in Tanzania, held at the end of last week (26 – 27 October 2017) in Dar es Salaam, discussed cybersecurity; several topics focused on educating participants about the best ways to strengthen the security of our systems were presented and discussed.

Personally, I spoke to participants about the best way to protect the information held on our phones and laptops (Protecting Mobile Devices Data), since these devices are used for office work and for making transactions, which makes that information important to protect against cybercriminals.
-------------------
QUOTE: “Companies today allow individuals to make use of their own mobile devices to perform their jobs with direct access to the organization’s sensitive data – Therefore, data in our mobile devices are very important for the operations and financial well-being of our business.” – Yusuph Kileo.
-----------------------

It has become common to read office email on our mobile phones and to do office work on personal laptops from various locations, all of which puts important work information at risk of falling into the hands of cybercriminals if appropriate steps to protect it are not taken.

FROM LEFT: Yusuph Kileo (AfICTA board member), Prof. Mike Hinchey (President of IFIP), Samson Mwela (Director General of the ICT Commission), Prof. Rai (Head of the University of Zanzibar - SUZA) and Neema Sinare (President of ISACA)

In addition, these devices can be stolen, putting this important information at risk of misuse. Protecting this important information is therefore the responsibility of every user.

Great care is needed with the applications we install on our phones, because the various investigations we have continued to carry out at the global level have found that a large percentage of applications tend to steal users' information and use it as they wish.

---------------------
Non-sanctioned applications create a risk to mobile devices and to enterprises.
October, 2016 – The top 10 flash apps were discovered to be malware.
Feb, 2017 – According to Cisco, 27% of 222,000 assessed applications present a high risk.
May, 2017 – Hundreds of apps investigated were all found to have serious snooping and spying characteristics.

---------------------




Various efforts have been made, including the 2014 agreement directing every application to state briefly what it will give the user for free and what it will take from the user, along with giving the user the opportunity to accept or decline. In addition, we urged application developers to make sure they secure their applications so that cybercriminals cannot compromise them and misuse them to commit crime.

Other speakers pointed out various cybersecurity shortcomings in the country and urged the nation to tighten its belt further.

Overall, raising awareness among internet users so that they use it well, increasing the skills of our experts, strengthening cooperation in controlling cybercrime incidents, removing unnecessary bureaucracy in dealing with cybercrime, having the right people in the right places to control cybercrime, and having the right, robust tools to deal with cybercrime were among the things identified as needing work in order to make progress against cybercrime in the country.

Cybercrime incidents that hit one institution should not be repeated at another; that was my call to all participants. Reporting cybercrime incidents so that they can be resolved is also important, because hiding this information while incidents keep recurring can cause the problem of online financial losses to keep growing, and this has a major impact on the national economy.

A call was made to our universities in the country to move away from outdated systems by re-examining themselves and preparing curricula that can produce experts capable of dealing with cybercrime in the country.

THE RISE OF FINANCIAL CYBER THREATS

FINANCIAL threats are still profitable for cyber criminals and, therefore, continue to be an enduring part of the threat landscape. From financial Trojans that attack online banking, to attacks against automated teller machines (ATMs) and fraudulent interbank transactions, there are many different attack vectors utilised by criminals.

As Symantec predicted in 2015, there was an increase in attacks against corporations and financial institutions during 2016. This was evident from a series of high-value heists targeting Society for Worldwide Interbank Financial Telecommunication (Swift) customers. While there is no evidence of any such high-value heists on Swift customers this year, the 2016 attacks saw several such institutions lose millions of dollars to cyber criminals and nation state-supported attackers such as the Lazarus group.


On average, 38 per cent of the financial threats we detected in 2016 were found in large business locations. Most of these infection attempts were not targeted attacks but were instead due to widespread email campaigns. Although we have seen a 36 per cent decrease in detection numbers for financial malware in 2016, this is mainly due to earlier detection in the attack chain and more focused attacks.


With more than 1.2 million annual detections, the financial threat space is still 2.5 times bigger than that of ransomware. The financial Trojan threat landscape is dominated by three malware families: Ramnit, Bebloh (Trojan.Bebloh), and Zeus (Trojan.Zbot). These three families were responsible for 86 per cent of all financial Trojan attack activities in 2016. However, due to arrests, takedowns, and regrouping, we have seen a lot of fluctuations over the last year. Globally, financial institutions in the US were targeted the most going by the samples analysed by Symantec, followed by Poland and Japan.



Infection vectors for financial Trojans haven't changed much in the past year and are still identical to other common Trojans. Distribution mainly relies on spam email with malicious droppers attached and web exploit toolkits. The use of scam emails was the most prevalent method of distribution for financial Trojans in 2016.

The already well-known Office document attachment with malicious macros continued to be widely used. However, Microsoft Visual Basic Scripting (VBS) and JavaScript (JS) files in various attachment forms have also been used in massive spam runs to distribute malware.

We have also seen Office documents without macros, and instead with embedded OLE objects and instructions for the user to double-click the payload. The Necurs botnet (Backdoor.Necurs), which sent out more than 1.8 million JS downloaders in one day alone in November 2016, highlights the magnitude of some of these campaigns.

Phishing emails, where the victim is lured to fake websites that trick them into revealing their account details, decreased to just one in 9,138 emails in March 2017. In 2016, the average number of phishing emails was slightly higher than one in 3,000 emails. Simple phishing no longer works against most banks and financial institutions, as they rarely rely on static passwords alone. But phishing attacks can still be successful in stealing online retail account credentials and credit card details.

-------------------
Equifax has revealed 2.5 million more Americans than previously thought may have had information compromised in a huge cyber security breach at the firm.
The credit report giant said, about 145.5 million of its US customers might have been affected, up from a previous estimate of 143 million.
---------------------

ATM and point of sales (POS) attacks continued to increase in 2016. ATM malware has been around for 10 years but is still effective. With the increase of targeted attacks aimed at banks, we also saw an increase in attacks against ATMs from within the financial network. Since the adoption of Chip & PIN has begun to spread outside of Europe, we have seen a decrease of classic memory scraping threats, as they are no longer efficient for the attackers.

There are various degrees of sophistication seen in the wild when it comes to ATM attacks. For some attacks, the criminals need physical access to the ATM computer and they get this by opening the cover with a stolen key or picking the lock.

Once they have access to a USB port or the CD-ROM, they can install malware and attach a keyboard to issue commands (the Ploutus malware uses this attack vector).

Similar attacks have been reported in hotels where attackers used the often exposed USB ports on the backside of the check-in computers to install malware.

In retail stores the attackers added their sniffer to an exposed network port inside the shop. This allows them to compromise any attached POS device and scrape the memory for payment card information.

With physical access to the ATM, another attack vector is possible. As reported in April 2017, some attackers discovered they could drill a hole into the ATM casing in order to access the internal bus system. Once access is obtained, a cheap microcomputer is all that is needed to send commands to the bus in order to make the ATM dispense its cash.

We have also seen trends in financial malware attempting to hide configuration files from researchers as well as the move to redirect attacks or even manually log into the system to issue large transactions if interesting financial software is detected.

Mobile threats on Android are mainly focusing on form overlay attacks or fake online banking apps. We have seen more than 170 mobile apps targeted by mobile malware. Mobile threats are still relevant as many financial institutions have deployed two-factor authentication through mobile phone applications.

As it has become more difficult to conduct such attacks on the latest Android OS, we have seen attackers reverting to social engineering attacks, where they trick victims into authorising fraudulent transactions. The end-user still remains the weakest link in the chain during an online transaction, which means even the strongest technologies are susceptible to social engineering attacks.

When a cyberattacker successfully compromises an internal network, he can steal any credentials that will help maximise his profits. This could mean stealing online banking credentials, sensitive personal data or other passwords. It is common for financial threats to steal any other account information that they can find on a compromised computer.

Once a system is compromised, cyberattackers can use any stolen information to spread their malware further, or even sell it on underground forums. Credit card details are still the most sold digital goods on the underground forums, while bank account access information is priced according to the account balance.

For example, an account with US$1,000 in it can be sold for US$10. An account with a greater balance will be on sale for a larger sum.

The attacks are not only targeting the banks' customers. We have seen several attacks against the financial institutions themselves, with attackers attempting to transfer large sums in fraudulent inter-bank transactions. Financial institutions are confronted with attacks on multiple fronts. The main two types are attacks against their customers and attacks against their own infrastructure.

In the event of a cyber breach, companies' losses extend far beyond just monetary value. Their reputation and customers' trust - areas that take time and effort to develop - will also be damaged. We expect financial threats to remain a problem for end-users in the future, but attackers will likely increase their focus on corporate finance departments and using social engineering against them. Prevention is by far the best outcome, so it pays to pay attention to how cyber breaches can be avoided. Emails and infected websites are the most common infection vectors for malware. Adopting a robust defence against both these infection vectors will help reduce the risk of infection.

