tag:blogger.com,1999:blog-371462752024-03-08T17:22:22.289+03:00Kenya-ByteThe Kenyan ICT Industry &
Fundamental Issues Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.comBlogger177125tag:blogger.com,1999:blog-37146275.post-60599041828800486772022-10-20T10:21:00.002+03:002022-10-20T10:21:19.732+03:00We are Back!!Been away for a long long time....but now back to continue the discourse!!!Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0tag:blogger.com,1999:blog-37146275.post-41237967985072828382017-11-24T11:58:00.000+03:002017-11-24T11:58:56.711+03:00<div class="separator" style="clear: both; text-align: center;"><a href="https://2.bp.blogspot.com/-WOFsmubqOxw/Whfc8c9nmxI/AAAAAAAALX4/Vys9dpft9kQVLGwlQaQkjGR4DLI5LiEyQCLcBGAs/s1600/DFS.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://2.bp.blogspot.com/-WOFsmubqOxw/Whfc8c9nmxI/AAAAAAAALX4/Vys9dpft9kQVLGwlQaQkjGR4DLI5LiEyQCLcBGAs/s320/DFS.png" width="320" height="271" data-original-width="628" data-original-height="532" /></a></div>Attended the Digital Forensic Seminar Kenya 2017 hosted by Cyber Security Africa and Guidance Software - OpenText.<br />
<br />
Also present was Digital Intelligence. <br />
<br />
Impressed by the new Guidance tools on offer and of course Digital Intelligence's FRED server. <br />
<br />
The astonishing thing was the number of Computer Forensics professionals in the room, this was a pleasant departure from the past when such forums had no quorum. <br />
<br />
Did you know Kenya Prisons have a Computer Forensic Lab...now you know!!!!<br />
<br />
Cyber Security Africa...keep up the good job.<br />
<br />
Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0tag:blogger.com,1999:blog-37146275.post-79472066766687897232017-11-24T11:19:00.001+03:002017-11-24T11:19:17.290+03:00<b>THIS IS IMPORTANT!!!<br />
<br />
<b>Bitcoin Case at Kenya’s Milimani Law Courts Sets Precedence<br />
</b><br />
November 24, 2017 - Kenyan WallStreet Kenyan News</b><br />
<br />
Three peer-to-peer bitcoin traders in Kenya were charged with conspiracy to commit a felony at the Milimani Courts in Nairobi on Wednesday morning. Emma Kariuki, Stanley Mumo and Timothy Gachehe face three counts of stealing Sh 10.2 million from a local bank and mobile money operator. The sum was stolen from I&M Bank and Safaricom Pay Bill No 517822, and subsequently wired to multiple bank accounts; 3 of the receiving accounts belonged to the co-accused. All 3 were released on cash bail of 500,000 KES pending a hearing on January 18.<br />
<br />
But the charge sheet and court records failed to capture the background leading up to the charges that sets a precedent in Kenya and leaves much to be questioned on what truly happened.<br />
<br />
Emma and Stanley insist the money they received – 600,000 and 399,000 respectively, was settlement for a business trade transaction. Both have been trading bitcoin for close to 5 years combined as part of a peer-to-peer bitcoin marketplace that has taken root in Kenya to fill demand for cryptocurrencies. However, in one of their trades on Friday 17th November, a trader by the name ‘BADASS20’ paid for bitcoins using funds stolen from I&M.<br />
<br />
While bank statements show a transfer of funds into their account, a chat history from the marketplace shows the accompanying transaction was indeed a purchase of 1.2 BTC. Emma denies knowledge of the the source of funds nor the identity of ‘BADASS20’ – a pseudonym – also used to trade with Stanley.<br />
<br />
Since a public notice on virtual currencies from the Central Bank of Kenya in 2015, traders have turned to localbitcoins.com for buying and selling bitcoin. Volumes of the digital asset, now priced at Sh910,000 each, are at a staggering 50 million KES per week. The online service works like email where users are not required to disclose their identity – only a record of trading history, reputation and chats is maintained.<br />
<br />
The bank accounts of the co-accused were frozen on Saturday pending the investigation by the banking Fraud Investigation Unit BFIU, a CID department that works closely with Central Bank.<br />
<br />
Emma and Stanley were hauled in at BFIU headquarters on Saturday to explain their part in the missing funds sent to various Mpesa Paybill, Equity Bank and Cooperative Bank accounts. Officers from the department used an electronic trail of the missing funds to track the bank accounts of the co-accused. Even though matching trade amounts via bank from ‘BADASS20’ show the source of wired funds, no other suspects were indicted apart from the three recipients.<br />
<br />
Bitcoin – a digital currency free from government control and unregulated in Kenya, appeals to criminals for its qualities that resemble cash. By purchasing bitcoin with stolen funds, ‘BADASS20’ effectively cashed out into a digital commodity that cannot be seized or frozen.<br />
<br />
Emma spent the nights of Saturday 19th and Monday 21st at Kileleshwa police before posting 500,000 KES bail at Milimani Courts on Wednesday morning. All were released on Wednesday evening and will appear in court in December for a mentioning and January for a full hearing.<br />
<br />
The first of its kind, the case sets precedence for a bank fraud case involving cryptocurrencies. It raises pertinent questions regarding the status of bitcoin – as a commodity or currency and the limited capacity of law enforcement to seize digital assets. Whatever the outcome of the case and the frozen bank account funds, the laundered bitcoins remain in the custody of the fraudster and can never be recovered.<br />
<br />
Courtesy of KenyanWallStreet (http://kenyanwallstreet.com/bitcoin-case-kenyas-milimani-law-courts-sets-precedence)Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0tag:blogger.com,1999:blog-37146275.post-58870299581231920362017-10-31T17:47:00.003+03:002017-11-24T11:31:27.806+03:00Social Media ^ KenyaWhat is the value of Social Meidia to a Kenyan company? Simple - ability to create deeper relationahsips with consumers in ur Village!Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com1tag:blogger.com,1999:blog-37146275.post-31245115062230195332017-10-31T17:38:00.002+03:002017-10-31T17:38:44.910+03:00Social Media ^ KenyaSocial Media scalability has enabled us to create virtual villagesBenson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0tag:blogger.com,1999:blog-37146275.post-1126400416694327142017-10-31T17:30:00.001+03:002017-10-31T17:30:33.943+03:00Social Media ^ KenyaSocial Media content creation is moving away from "What I think/opinionate" to "What is Happening Right Now"Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0tag:blogger.com,1999:blog-37146275.post-76487554935173745742017-10-31T15:55:00.002+03:002017-10-31T15:56:04.248+03:00Social Media ^ KenyaKenyan Social Media allows a One to One, a One to Many and a One to None ConversationBenson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0tag:blogger.com,1999:blog-37146275.post-44247391155908325702017-10-31T15:42:00.001+03:002017-10-31T15:42:21.647+03:00Social Media ^ KenyaSocial media has democratised Kenyans by turning them from zombie consumers to enlightened publishersBenson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0tag:blogger.com,1999:blog-37146275.post-37135667618051986142015-03-12T08:57:00.000+03:002015-03-12T08:57:27.331+03:00New Digital Registry To Limit Identity Theft, Catch AliensThe government has launched a national registry that could help minimise identity fraud by integrating personal information databases held by all State agencies.<br />
<br />
The registry, expected to be operational by March next year, is expected to ease verification of individuals’ details and help catch and deter fraudsters and illegal immigrants.<br />
<br />
The Integrated Population Registration System (IPRS) unveiled on Wednesday by President Uhuru Kenyatta will record Kenyan citizen’s details at birth and over their lifetime, periodically updating their digital files with copies of their documentation.<br />
<br />
The government hopes the new system will help in nabbing identity thieves and fraudsters and protect the country from the recent wave of insecurity, crimes that have been blamed on the lack of an organised central citizenry database.<br />
<br />
The IPRS will also be used to clean up the election registry by automatically erasing the names of deceased Kenyans who have in past elections been illegally registered as voters.<br />
<br />
“Our civil data was contained in old manual systems maintained under different agencies held by different institutions,” said Mr Kenyatta directing all State agencies to connect to the system by March 2016.<br />
<br />
“Anyone desiring information on an individual has to navigate huge volumes of manual data, making verification and due diligence processes difficult. This hampers the capacity of stakeholders to detect or prevent fraud, impersonation and other criminal activities.”<br />
<br />
The new registry was developed a year ago and has since then been tested by institutions like KCB Group (using it for their mobile money platform) and City Hall (for their e-wallet initiative).<br />
<br />
<b>When a newborn is registered, their birth certificate data will be fed into the IPRS system, which will allocate the child an 11-digit code that will remain their unique identifier for life.</b><br />
<br />
Their file will continually be updated with digital copies of documents like their secondary and primary school certificates as they attain them and national identity card when they hit 18 years.<br />
<br />
Copies of the individual’s Personal Identification Number (PIN), National Social Security Fund and National Hospital Insurance Fund cards, marriage certificates, driving licences as well as their passports will also be fed into the system.<br />
<br />
George Anyango, the IPRS Director, said the system has already documented one million newborns while details of another 17 million citizens aged below 18 years will be uploaded in six months.<br />
<br />
The details of 24 million Kenyans who have ID cards have also been fed into the system.<br />
<br />
“When State and private agencies connect to the IPRS system, they will be able to pull the information on an individual in real time and be able to compare what is being presented to them with the digital records,” said Mr Anyango.<br />
<br />
The IPRS system will be connected to the smart national identity cards registry, a database that will see Kenyans receive one ID containing information from the tax office, Registrar of Motor Vehicles and the Registrar of Persons.<br />
<br />
Registering for the new cards was meant to begin last month but is yet to kick off, with President Kenyatta on Wednesday directing that “the process should begin without further delay”.<br />
<br />
Courtesy of: http://www.businessdailyafrica.com/New-digital-registry-to-minimise-identity-theft-/-/539546/2650136/-/in78br/-/index.html Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0tag:blogger.com,1999:blog-37146275.post-31296207238141159742015-03-06T11:30:00.001+03:002015-03-06T11:30:20.109+03:00The Blind SpotThe President in his speech to the ICT Sector Innovation Forum (March 3, 2015) rightly acknowledges that Kenya’s ICT sector has transformed the country. More importantly he acknowledges that ICT is an important pillar in the future development of Kenya as exemplified in the National Vision 2030.<br />
<br />
The President also states that the Digital Talent Program aims at spearheading the development of higher achievers into public servants of great impact. My interpretation is that talented Kenyan ICT prodigies are also set to benefit from this program.<br />
<br />
Inasmuch as we appreciate the commendable effort by the government to “technologize” Kenya there is a fundamental blind spot in its strategy.<br />
<br />
The President’s speech made no mention of how his government will <b>professionalize</b> the ICT sector in Kenya. <br />
<br />
The ICT accomplishments that the President extols have therefore, by default, been achieved by non-professionals. <br />
<br />
The innovations we are all benefiting from have been facilitated by Kenyans who are classified as non-professionals by the Government. <br />
<br />
ICT professionals in Kenya are spurring economic development and saving lives. They are making life easier and more productive. Despite all these they are not recognized as professionals because there is no statute entrenching ICT as a profession in Kenya. <br />
<br />
My request to the Government of Kenya is that Kenya will not fully realize its ICT potential unless ICT workers are legally recognized as professionals just like teachers, lawyers etc. <br />
<br />
This sector needs a solid legal bedrock on which we can build a knowledge based economy. A bedrock that will regulate and promote its member. <br />
<br />
It is high time the Government acknowledged this blind spot. <br />
<br />
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||<br />
<br />
<b>President’s speech – ICT Innovation Forum<br />
<br />
March 3, 2015/in News, Press /by PSCU<br />
<br />
SPEECH BY H.E. HON. UHURU KENYATTA, C.G.H., PRESIDENT AND COMMANDER IN CHIEF OF THE DEFENCE FORCES OF THE REPUBLIC OF KENYA DURING THE OFFICIAL OPENING OF THE ICT INNOVATION FORUM, KENYATTA INTERNATIONAL CONFERENCE CENTRE, NAIROBI, 3RD MARCH, 2015<br />
<br />
</b>Distinguished Guests,<br />
<br />
Ladies and Gentlemen,<br />
<br />
I am pleased to join you at our very first national ICT sector Innovation Forum.<br />
<br />
This is an important event coming at a critical time in our quest to transform our country to a truly middle-income industrial nation.<br />
<br />
There is no way we can expect to achieve this ambitious dream without fully automating our production and governance systems.<br />
<br />
Ladies and Gentlemen,<br />
<br />
I am happy to say we as a country have recognized the place of ICT in our development agenda. Indeed, Kenya’s ICT sector is vibrant, ambitious and visionary. This is what has enabled it to transform this country into one of the world’s smartest societies. It has made life easier, work more productive and enterprise more efficient and<br />
profitable for our people.<br />
<br />
For corporations and other organizations in the public and private sector and even in government, ICT has transformed how we work and deliver. Indeed, through ICT, Government has become more efficient, more accountable and more transparent.<br />
<br />
Moreover, ICT remains the home of great promise for us as Kenyans. Given our positive ICT experience, we fully expect the sector to play an even greater role in national development and governance.<br />
<br />
That is why ICT is an integral component of our National Vision2030. Our ICT Masterplan projects that the sector can comfortably generate more than 180,000 jobs between now and 2017.<br />
<br />
It is also expected to contribute at least 8% of our Gross Domestic Product in the same period. By all accounts, therefore, ICT is a big deal in Kenya.<br />
<br />
Innovation is the cornerstone of every transformative and visionary development strategy. Innovation is the catalyst of civilizational evolution. The entire history of socioeconomic revolutions rests on inventions and strategies borne of innovative minds.<br />
<br />
The Digital Revolution currently underway throughout the world is the single most transformative, large-scale and multidisciplinary force of change ever witnessed by humanity. It is powered solely by bold innovation in the ICT sector.<br />
<br />
As a regional and international hub, Kenya is an inevitable intersection of global trends and influences. The ICT revolution found us ready and able to run with the world’s fastest innovators and entrepreneurs in the sector.<br />
<br />
This has seen us become a leader in ICT entrepreneurship and innovation. The Silicon Savannah is a reality confirmed by transformative innovations conceived in the minds of Kenyans and implemented by Kenyan firms. When it comes to ICT, Kenya requires no introduction to the world. When it comes to innovation, we count among the leaders.<br />
<br />
I am happy to know that this is a forum dedicated to innovation.<br />
<br />
Innovation leads to wonderful solutions and reduces challenges.<br />
<br />
Innovation expands opportunities and spreads them among the people.<br />
<br />
Innovation promotes equality and integration. Innovation increases productivity and wealth. It is the way to the future.<br />
<br />
My Government has taken deliberate steps to support private entrepreneurs to thrive and employ more Kenyans.<br />
<br />
We are committed to making this country one of the world’s best investment destinations. To do this, we have made substantial progress in facilitating all entrepreneurs navigate the requisites of setting up in Kenya.<br />
<br />
We have invested tremendously in the infrastructure required to drastically lower the cost of production. We are supporting young people through Uwezo Fund and the Youth Fund to start their own enterprises and apply their talent to profitable innovations.<br />
<br />
The Digital Talent Programme is aimed at spearheading the development of high achievers into public servants of great impact.<br />
<br />
The ICT Authority is tasked with leading the charge in accelerating the growth of our ICT sector. A proper environment for excellence in ICT is my Government’s priority.<br />
<br />
The private sector has been a critical driver of ICT growth in Kenya.<br />
<br />
We expect that the private sector will maintain its leading role by stepping up efforts to develop talent and support entrepreneurship.<br />
<br />
Our higher education institutions continue the excellent work of training brilliant ICT leaders.<br />
<br />
I look forward to greater partnership between Government, the private sector and educational institutions to strengthen Kenya’s leadership position in ICT.<br />
<br />
I urge all stakeholders to contribute to the addition of more ICT incubation hubs into the existing network. This will enable more people engage in innovative activity throughout Kenya.<br />
<br />
The ICT Ministry must lead efforts by various stakeholders to ensure that Enterprise Kenya takes off and begins to nurture innovation in the sector.<br />
<br />
We are determined to expanding our ICT exports by directing our innovations to the regional and global market.<br />
We look to ICT to transform the way we do things in all sectors.<br />
<br />
Innovation will continue to transform service delivery in agriculture and food production, transportation, health, education, security,fiscal and financial management, justice, law and order among other sectors. ICT also enables more people to contribute to development.<br />
<br />
It extends opportunity to all irrespective of location, background, gender or disability. Indeed, by supporting innovation in the ICT sector, we are transforming opportunity.<br />
<br />
My Government is keen to expand and transform opportunity for all Kenyans.<br />
<br />
Thank you all for being here. As I conclude, I urge you to roll up your sleeves and proceed expeditiously with the business at hand.<br />
<br />
Innovation is a vital, urgent task that must not wait.<br />
<br />
Expectations are high, but you are more than capable of exceeding them. Do not hold back. Enjoy the adventure.<br />
<br />
It is now my pleasure to declare the ICT Innovation Forum is now officially opened.<br />
<br />
Thank you, and God bless you.<br />
<br />
<br />
Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0tag:blogger.com,1999:blog-37146275.post-45332717479458132432015-03-05T16:35:00.001+03:002015-03-05T16:42:51.239+03:00<div class="separator" style="clear: both; text-align: center;"><a href="http://2.bp.blogspot.com/-_e3GiHdmQ18/VPhdJdl_-OI/AAAAAAAAG9Y/EiW5ED7oWg4/s1600/kachumbari.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://2.bp.blogspot.com/-_e3GiHdmQ18/VPhdJdl_-OI/AAAAAAAAG9Y/EiW5ED7oWg4/s1600/kachumbari.jpg" /></a></div><br />
Eight years have passed on...Kachumbari - The True Kenyan Villager...we remember.Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0tag:blogger.com,1999:blog-37146275.post-62056072407608625912015-03-04T16:01:00.000+03:002015-03-05T11:25:52.825+03:00After a long haitus!!!!After a long haitus I am now officially back. <br />
<br />
First things first...below is the speech given by the President when opening the ICT Innovation Forum on 3rd March, 2015.<br />
<br />
Let me peruse it and tell you about one fundamental omission that deserves mention. <br />
<br />
----------------------------------------------------------------<br />
<b>President’s speech – ICT Innovation Forum<br />
<br />
March 3, 2015/in News, Press /by PSCU<br />
<br />
SPEECH BY H.E. HON. UHURU KENYATTA, C.G.H., PRESIDENT AND COMMANDER IN CHIEF OF THE DEFENCE FORCES OF THE REPUBLIC OF KENYA DURING THE OFFICIAL OPENING OF THE ICT INNOVATION FORUM, KENYATTA INTERNATIONAL CONFERENCE CENTRE, NAIROBI, 3RD MARCH, 2015<br />
<br />
</b>Distinguished Guests,<br />
<br />
Ladies and Gentlemen,<br />
<br />
I am pleased to join you at our very first national ICT sector Innovation Forum.<br />
<br />
This is an important event coming at a critical time in our quest to transform our country to a truly middle-income industrial nation.<br />
<br />
There is no way we can expect to achieve this ambitious dream without fully automating our production and governance systems.<br />
<br />
Ladies and Gentlemen,<br />
<br />
I am happy to say we as a country have recognized the place of ICT in our development agenda. Indeed, Kenya’s ICT sector is vibrant, ambitious and visionary. This is what has enabled it to transform this country into one of the world’s smartest societies. It has made life easier, work more productive and enterprise more efficient and<br />
profitable for our people.<br />
<br />
For corporations and other organizations in the public and private sector and even in government, ICT has transformed how we work and deliver. Indeed, through ICT, Government has become more efficient, more accountable and more transparent.<br />
<br />
Moreover, ICT remains the home of great promise for us as Kenyans. Given our positive ICT experience, we fully expect the sector to play an even greater role in national development and governance.<br />
<br />
That is why ICT is an integral component of our National Vision2030. Our ICT Masterplan projects that the sector can comfortably generate more than 180,000 jobs between now and 2017.<br />
<br />
It is also expected to contribute at least 8% of our Gross Domestic Product in the same period. By all accounts, therefore, ICT is a big deal in Kenya.<br />
<br />
Innovation is the cornerstone of every transformative and visionary development strategy. Innovation is the catalyst of civilizational evolution. The entire history of socioeconomic revolutions rests on inventions and strategies borne of innovative minds.<br />
<br />
The Digital Revolution currently underway throughout the world is the single most transformative, large-scale and multidisciplinary force of change ever witnessed by humanity. It is powered solely by bold innovation in the ICT sector.<br />
<br />
As a regional and international hub, Kenya is an inevitable intersection of global trends and influences. The ICT revolution found us ready and able to run with the world’s fastest innovators and entrepreneurs in the sector.<br />
<br />
This has seen us become a leader in ICT entrepreneurship and innovation. The Silicon Savannah is a reality confirmed by transformative innovations conceived in the minds of Kenyans and implemented by Kenyan firms. When it comes to ICT, Kenya requires no introduction to the world. When it comes to innovation, we count among the leaders.<br />
<br />
I am happy to know that this is a forum dedicated to innovation.<br />
<br />
Innovation leads to wonderful solutions and reduces challenges.<br />
<br />
Innovation expands opportunities and spreads them among the people.<br />
<br />
Innovation promotes equality and integration. Innovation increases productivity and wealth. It is the way to the future.<br />
<br />
My Government has taken deliberate steps to support private entrepreneurs to thrive and employ more Kenyans.<br />
<br />
We are committed to making this country one of the world’s best investment destinations. To do this, we have made substantial progress in facilitating all entrepreneurs navigate the requisites of setting up in Kenya.<br />
<br />
We have invested tremendously in the infrastructure required to drastically lower the cost of production. We are supporting young people through Uwezo Fund and the Youth Fund to start their own enterprises and apply their talent to profitable innovations.<br />
<br />
The Digital Talent Programme is aimed at spearheading the development of high achievers into public servants of great impact.<br />
<br />
The ICT Authority is tasked with leading the charge in accelerating the growth of our ICT sector. A proper environment for excellence in ICT is my Government’s priority.<br />
<br />
The private sector has been a critical driver of ICT growth in Kenya.<br />
<br />
We expect that the private sector will maintain its leading role by stepping up efforts to develop talent and support entrepreneurship.<br />
<br />
Our higher education institutions continue the excellent work of training brilliant ICT leaders.<br />
<br />
I look forward to greater partnership between Government, the private sector and educational institutions to strengthen Kenya’s leadership position in ICT.<br />
<br />
I urge all stakeholders to contribute to the addition of more ICT incubation hubs into the existing network. This will enable more people engage in innovative activity throughout Kenya.<br />
<br />
The ICT Ministry must lead efforts by various stakeholders to ensure that Enterprise Kenya takes off and begins to nurture innovation in the sector.<br />
<br />
We are determined to expanding our ICT exports by directing our innovations to the regional and global market.<br />
We look to ICT to transform the way we do things in all sectors.<br />
<br />
Innovation will continue to transform service delivery in agriculture and food production, transportation, health, education, security,fiscal and financial management, justice, law and order among other sectors. ICT also enables more people to contribute to development.<br />
<br />
It extends opportunity to all irrespective of location, background, gender or disability. Indeed, by supporting innovation in the ICT sector, we are transforming opportunity.<br />
<br />
My Government is keen to expand and transform opportunity for all Kenyans.<br />
<br />
Thank you all for being here. As I conclude, I urge you to roll up your sleeves and proceed expeditiously with the business at hand.<br />
<br />
Innovation is a vital, urgent task that must not wait.<br />
<br />
Expectations are high, but you are more than capable of exceeding them. Do not hold back. Enjoy the adventure.<br />
<br />
It is now my pleasure to declare the ICT Innovation Forum is now officially opened.<br />
<br />
Thank you, and God bless you.<br />
<br />
Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0tag:blogger.com,1999:blog-37146275.post-18495620405282127792014-01-24T13:55:00.000+03:002014-01-24T13:55:50.827+03:00Happy New Year to all...<br />
<br />
This year we shall ask ourselves one pertinent question...why are ICT practitioners not recognized professionals in Kenya?<br />
<br />
Accountants have the Accountants Act which is a statute enabling ICPAK's operation. ICPAK is therefore a professional body that oversees public interest issues affecting Kenyan accountants including discipline, audit quality assurance, standards etc. <br />
<br />
Lawyers have the Law Society of Kenya which was established by an Act of Parliament – The Law Society of Kenya Act (Chapter 18 of the Laws of Kenya). The Law Society in its present form was formed in 1948 by section 3 of the Law Society of Kenya Ordinance, 1949. That Act was later repealed by the current Law Society of Kenya Act, which came into force on 30th October, 1992. LSK, as we all know, oversees matters of discipline, continuing education etc. <br />
<br />
Human Resources personnnel were recently recognized as professionals through the The Human Resource Management Professionals Act, 2012. This Act provides for the establishment of the Institute of Human Resource Management and the Human Resource Management Professionals Board which will examine, register and regulate human resource management professionals.<br />
<br />
Other professionals who are legally entrenched are:<br />
<br />
1) Medical Practitioners - Medical Practitioners and Dentists Act<br />
2) Architects - Architects and Quantity Surveyors Act<br />
<br />
Why then would we espouse "digitization" in our society without having a professional body for ICT professionals?<br />
<br />
Let us discuss!!!!Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com3tag:blogger.com,1999:blog-37146275.post-79566889234954250692013-09-23T20:11:00.000+03:002013-09-23T20:11:43.963+03:00Westgate<b>President Kenyatta:</b> I call on Kenyans to stand courageous and united. Let us not sacrifice our values and dignity to appease cowards.Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com4tag:blogger.com,1999:blog-37146275.post-56050835957220598012013-04-29T14:53:00.001+03:002013-04-29T14:54:10.312+03:00CISPA - Recent DevelopmentsOn April 26, 2012, the House of Representatives passed CISPA.<br />
<br />
On February 13, 2013, United States Representative Mike Rogers reintroduced the CISPA bill in the 113th Congress as H.R. 624.[6]<br />
<br />
On April 18, 2013, the House of Representatives passed H.R. 624.<br />
<br />
<b>The Senate has reportedly refused to vote on the measure and is drafting competing legislation.</b>Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com2tag:blogger.com,1999:blog-37146275.post-46074889235889342252013-04-21T18:48:00.000+03:002013-04-21T18:48:34.477+03:00Cyber Intelligence Sharing and Protection Act - Deciphering its implications to you!CISPA (Cyber Intelligence Sharing and Protection Act) will most likely pass through the House and the Senate in USA.<br />
<br />
We all need to pay attention to this Bill because we are avid consumers of the American technology market (Facebook, Twitter etc.). <br />
<br />
Another concern is this equation, try and solve it: <br />
<br />
<b>CISPA + Patriot Act = ?</b><br />
<br />
<b>The below article is from ZDnet</b><br />
(http://www.zdnet.com/what-is-cispa-and-what-does-it-mean-for-you-faq-7000013965/)<br />
Written by Zack Whittaker<br />
April 13, 2013 -- 23:00 GMT (16:00 PDT)<br />
<br />
<b>What is CISPA?</b><br />
<br />
CISPA, known officially as H.R. 624, is a cybersecurity Bill currently going through the motions in the lower house of Congress, the US House of Representatives. It is designed to help prevent and defend against cyberattacks on critical national infrastructure and against other internet attacks on private firms by obtaining and sharing "cyberthreat information".<br />
<br />
Its sole purpose is to allow private sector firms to search personal and sensitive user data of ordinary US residents to identify this so-called "threat information", and to then share that information with each other and the US government — without the need for a warrant.<br />
<br />
By citing "cybersecurity", it allows private firms to hand over private user data while circumventing existing privacy laws, such as the Wiretap Act and the Stored Communications Act. This means that CISPA can permit private firms to share your data, such as emails, text messages, and cloud-stored documents and files, with the US government.<br />
<br />
It also gives these firms legal protection to hand over such data. There is no judicial oversight.<br />
<br />
To make matters worse, because there is little transparency and individual accountability, those who have had their data handed to the US government may not even know about it or be given a chance to challenge it.<br />
<br />
<b>Wasn't CISPA put on the backburner after it failed in the Senate?</b><br />
<br />
In April 2012, the US House passed CISPA by a large majority, voting 248 to 168. It passed at a time when the White House threatened to veto the Bill should it pass the desk of President Obama, citing privacy and civil liberty concerns. But once it was handed to the Senate, it failed to gain traction, likely in light of similar legislation being drafted in the upper house at the time.<br />
<br />
<b>How is this new CISPA version any different from the old Senate-stalled version?</b><br />
<br />
The current version of CISPA, reintroduced into the House, has the same name and vastly the same content. CISPA was brought back to the House in its original format.<br />
<br />
Since being debated and amended by the House Intelligence committee, it has gone through a mark-up process that would tighten up certain language and add definitions. This process was decided upon by members to be conducted in secret, despite the controversy surrounding this Bill. While CISPA does not force or require a private firm to share data with the US government, major telecoms providers have illegally shared data with the US intelligence agencies before.<br />
<br />
During this recent mark-up process, less than half of the privacy re-enabling amendments that passed have "only chipped away at the edges of CISPA", according to the Electronic Frontier Foundation (EFF).<br />
<br />
These amendments now include:<br />
• Information for "national security" purposes: One amendment means the US government can only use data collected under CISPA for "cybersecurity purposes", and not used for "national security" purposes — a catch-all term that can and has been used to skirt Fourth Amendment rights. The second amendment imposes the same rule on private firms. However, "cybersecurity" is still loosely defined and could be misinterpreted or abused by private firms.<br />
• Hacking back: Private firms are limited from acting beyond their own networks to gather "cyberthreat information", such as "hacking the hackers". But the EFF noted that a "huge loophole" exists, which allows a firm to "still use aggressive countermeasures outside of its own network as long as it believed the countermeasures were necessary for protection".<br />
• Government-related privacy oversight: This amendment requires oversight on how CISPA affects civil liberties and privacy on government activity, but it does not apply to private firms. The EFF is concerned that there is "no assessment of whether companies over-collect or over-share sensitive information".<br />
<br />
<b>How does Obama's cybersecurity executive order differ from CISPA?</b><br />
<br />
President Obama signed into law a cybersecurity executive order at the same time CISPA was reintroduced into the House.<br />
<br />
Obama's cybersecurity executive order set up the foundations in which a "framework" can be constructed between the government and private sector industries, albeit without the vast majority of the privacy complications that CISPA has.<br />
<br />
The "framework" will allow intelligence to be gathered from the aftermath of cyberattacks and cyberthreats to privately owned critical national infrastructure — such as the private defense sector, utility networks (like gas and electric companies), and the banking industry — so they can better protect themselves and the wider US population.<br />
<br />
While the executive order does touch on intelligence sharing between the US government and private firms, it doesn't undo years of privacy law-making work that continues to protect the US population. The White House even garnered support from the American Civil Liberties Union (ACLU) on the order. The order opened a path for wider consultation and discussion that could, however, change in due time.<br />
<br />
<b>Who supports and opposes CISPA?</b><br />
<br />
Because CISPA gives legal immunity to companies already collecting personal and sensitive user and customer data of ordinary US residents, many major web and technology companies are in favor of the Bill.<br />
Tech companies such as Microsoft, Google, and IBM, and cellular giants AT&T and Verizon, as well as banks and financial firms like the American Bankers Association and the Chamber of Commerce, have all endorsed the current version of CISPA.<br />
<br />
While Facebook, Twitter, and other social networks have not endorsed or openly supported the current version of CISPA, they backed previous iterations of the Bill. (Facebook and Microsoft reportedly backed away from CISPA after previously coming out in favor of it. However, Microsoft's membership to lobbying group TechNet suggests otherwise.)<br />
<br />
As you might expect, a number of major civil liberties groups reject the principles surrounding CISPA. The EFF, the ACLU, and Reporters Without Borders have all expressed their opposition to the Bill. Firefox maker Mozilla has also criticized the Bill, and even Sir Tim Berners-Lee, the inventor of the World Wide Web, opposes CISPA.<br />
<br />
More than 1.4 million people have signed online petitions for Facebook, Microsoft, IBM, and members of Congress to relinquish their support of the Bill — whether currently or in the past.<br />
How does this differ from SOPA or PIPA?<br />
<br />
There are two major differences: SOPA and PIPA acted against foreign alleged copyright infringers, while CISPA is a domestically focused cybersecurity Bill.<br />
<br />
The House and the Senate introduced the Stop Online Piracy Act (SOPA) and the Protect IP Act (PIPA) respectively. Both primarily targeted non-US websites and networks, allowing the US attorney general to seek a court order that would see such allegedly copyright and intellectual property infringing sites shut down and seemingly disappear from the web.<br />
<br />
However, CISPA focuses all but entirely on those within US borders — including US citizens and legal (and illegal) residents — rather than foreign citizens or non-US companies. While the US government cannot collect data from any private firm it likes — the firm must agree to it — <br />
<br />
CISPA has a greater impact on those within US borders, rather than non-US residents.<br />
<br />
<b>Does CISPA affect non-US citizens, such as those who live in the EU?</b><br />
<br />
Potentially, yes, although not directly. Many smaller companies do not have local EU-based datacenters. Microsoft, Google, and Facebook, for instance, do have non-US datacenters for local users, but many do not have the capacity of the funding to do so. This means that non-US resident data may be stored directly by a US company.<br />
<br />
<b>What can the US government do with user data acquired under CISPA by private firms?</b><br />
<br />
Anything they like with it, so long as it's lawful and pertains to "cybersecurity purposes", rather than "national security" purposes. But because the language is so ill defined, it could be used for many more reasons than were initially considered.<br />
The data will be handed to a central location within the US Department of Homeland Security (DHS) by the private firm, which can then be disseminated throughout government — including other US law enforcement and intelligence agencies.<br />
<br />
Techdirt recently agencies that can acquire your data under CISPA, which amounts to around 600 departments.<br />
<br />
<b>Does CISPA allow the US government to spy on US residents?</b><br />
<br />
Once it's in the hands of the DHS, it can be sent anywhere and be used against the person. CISPA amends the National Security Act to include provisions to further protect national or homeland security, as well as other "threats to the United States, its people, property, or interests".<br />
<br />
According to the EFF, even though the data was passed to the government for "only cybersecurity purposes", it can then be used to investigate other crime, not limited to cybersecurity crime, such as the "criminal exploitation of minor, protecting individuals from death or serious physical injury, or protecting the national security of the United States".<br />
<br />
<b>What can I do if a private firm hands over my data to the US government?</b><br />
<br />
Very little. But also, there's no way of knowing that your data has been handed to the US government by a private firm unless that firm informs you. Frankly, most will have no reason to.<br />
CISPA explicitly prevents those under the scope of CISPA - typically US residents - to sue the US government for collecting or retaining data outside of legal parameters. Freedom of Information (FOI) requests do not apply under CISPA, because the data collected will be exempt from disclosure. CISPA also gives private firms legal protection to pass that data on the US government, so they can't be sued, either.<br />
<br />
<b>What are the key upcoming dates, and could CISPA be defeated?</b><br />
<br />
Following a recent closed session which saw CISPA amended, it will go to a vote on the House floor as soon as next week, or late April.<br />
<br />
Two things could happen: Either it will pass like it did last year, and will be handed over to the Senate for its consideration — where it could progress or stall as it did the last time; or CISPA could fail in the House at a coming vote<br />
Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0tag:blogger.com,1999:blog-37146275.post-90180405744618865382013-03-14T09:15:00.001+03:002013-03-14T09:16:15.436+03:00SYSTEM FLOP A REFLECTION OF POOR IT GOVERNANCEBelow is a brilliant article written by Moses Otieno (Business Daily, 14 March 2013)<br />
<br />
The system failures witnessed during the recent General Election are an indication of failure in Information Technology (IT) governance.<br />
<br />
The responsibility for IT governance lies squarely with the Independent Boundaries and Electoral Commission (IEBC) officials. It is unfortunate that recent debate has been deflected to a hypothesis that Kenya’s IT professionals are incapable of managing complex system projects.<br />
<br />
IT governance, simply defined, is the way in which an organisation aligns its IT strategy to its core mandate. It is owned and driven by the board of directors, in this case the commissioners.<br />
<br />
The national consensus was that an automated process was a key ingredient to successful, free and fair elections. The commissioners had a responsibility to ensure that proper project management and systems development procedures were observed.<br />
<br />
It was thus most embarrassing to listen to the chairman casually explaining that their live system was “multiplying spoilt votes by a factor of eight”.<br />
<br />
This indicates that the chairman did not appreciate the magnitude of the responsibility he had to ensure smooth systems implementation, and chose to point the blame towards the employees in the IT department.<br />
<br />
Scrutiny<br />
<br />
There are several instances where the commissioners abdicated their IT governance role, resulting in delays and substandard products that could not guarantee the realisation of a transparent electoral process.<br />
<br />
For example, procurement of the biometric electronic voter registration kits (BVR) was unnecessarily protracted and only concluded in November 2012, four months to the elections and at a massive cost of Sh7.2 billion.<br />
<br />
Due to these delays, the voter registration exercise was done within a month, disenfranchising millions of Kenyans. The rush by IEBC meant that the electronic voter identification kits (EVI) were also not tested.<br />
<br />
When you consider the Results Transmission System, which famously crashed at Bomas, the Request for Proposals was put out on 21st December 2012. This for an election scheduled for March 4th 2013.<br />
<br />
It is important that the IEBC commissioners are put under scrutiny and if found guilty of abdicating their corporate governance role they should be subjected to Section 30 of the IEBC Act.<br />
<br />
Secondly, considering the growing importance of IT to business and government, it may be the right time to ask whether those in board positions have the competency to provide the required level of vigilance and leadership as far as IT governance is concerned.<br />
<br />
Lastly, the failures of the systems at IEBC should not be an indictment of the state of professionalism in the country’s IT sector.<br />
<br />
The writer is an IT professionalBenson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com1tag:blogger.com,1999:blog-37146275.post-23721019638364731742012-04-10T17:56:00.000+03:002012-04-10T17:56:09.797+03:00KENYA LOSES SHS 3BN IN CYBER CRIME EVERY YEARFrom Daily Nation<br />
By PETER NG’ETICH pngetich@ke.nationmedia.com<br />
Posted Monday, April 9 2012 at 22:30<br />
<br />
Cyber crimes cost the economy about Sh3 billion annually, say forensic experts.<br />
<br />
Experts argue the crime committed through new technologies poses the biggest challenge to organisations and the police.<br />
<br />
Speaking during a forensic conference in Nairobi at the weekend, O’Sullivan Associates country chief executive Sosthenes Bichanga said the banking sector alone loses about Sh2.1 billion yearly in cyber crime.<br />
<br />
“Embezzlement of funds in the public and private sector has moved to ICT level and qualified accountants are better-suited to handle forensic investigations,” Mr Bichanga said. He called for the establishment of anti-fraud committees in organisations to tackle cyber crime.<br />
<br />
US-based anti-fraud expert Sir Charles Hester urged organisations to employ Forensic Certified Public Accountants (FCPA) to forestall technology-driven crime.<br />
<br />
“It will be pointless for organisations to work hard to market their products while cash is siphoned through loopholes which can be sealed by FCPA experts,” Mr Hester said.<br />
<br />
O’Sullivan Associates investigations and training director Ian Ross told participants that organisations needed well-planned responses to fraud to serve as a deterrent.<br />
<br />
Mr Ross called for anti-fraud training for staff, including senior managers and board members as a strategy to curb financial malpractices.<br />
<br />
Talking to the Nation, Kenya Bankers Association chief executive officer Habil Olaka said their members had not done a survey to determine exactly how much banks lose through cyber crime.<br />
<br />
“Though we cannot confirm or deny, some organisations exaggerate such figures to market themselves,” Mr Olaka said.<br />
<br />
Kenya is ranked top among countries with the highest rate of economic crimes, according to a report released last December. The PriceWaterhouseCoopers report shows the vice is fastest growing, at nine per cent, compared to other countries. The survey was conducted in 78 countries.<br />
<br />
From: http://www.nation.co.ke/News/Kenya+loses+Sh3bn+in+cyber+crime+every+year/-/1056/1383234/-/7wboymz/-/index.html<br />Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com1tag:blogger.com,1999:blog-37146275.post-79566050683193194372012-04-05T21:17:00.001+03:002012-04-05T21:17:32.746+03:00HOW CAN YOU HACK E-MAIL ACCOUNTSE-mail is an acronym for electronic mail and is a digital text message sent from one device to another. These devices can be computers, smartphones or tablets. E-mail was one of the initial uses of the Internet and today comprises a large percentage of the total traffic over the Internet. <br />
<br />
Over the years e-mails have become so common that we rarely give them a second thought. We have gotten so used to e-mailing that we send them through an insecure internet without a pause. <br />
<br />
Kenyans are slowly appreciating the importance of e-mail security due to various high profile cases involving e-mail hacking. <br />
<br />
<b>Are E-Mails Secure?</b><br />
<br />
Many people have the misconception that e-mails are secure messages, they are not. We attach confidential files to our e-mails, hoping that no one opens them. Sending these unprotected e-mails is usually convenient in the short-term. However this insecurity can be very costly in the long-term. <br />
<br />
The passing of the USA PATRIOT Act in 2001 clearly illustrated how insecure e-mails are. This Act states that any data (including e-mail) which is housed, stored or processed by a company, which is a U.S. based company or is wholly owned by a U.S. parent company, is vulnerable to interception and inspection by American authorities. <br />
<br />
This means that an American law enforcement agency can use this Act on an American company like Microsoft (Hotmail), Google (Gmail) or Yahoo to request and obtain user data to them. Your e-mails in Yahoo, for example, can be intercepted and inspected by the American authorities anytime. <br />
<br />
This concern is global. The Dutch government in 2011 barred U.S. companies from providing data processing and cloud-based services so as to prevent sensitive citizen data from being compromised by U.S. authorities. <br />
<br />
Internal corporate e-mail does not fall in this category. However most companies use MS Outlook, a product of Microsoft. <br />
<br />
<b>Why E-Mails would be targeted by Hackers</b><br />
<br />
Next to SMS messages, e-mails are very popular mediums of communication. They are therefore a veritable source of personal information for example e-mail account user names/passwords, bank PIN codes, credit card account numbers and other private information. <br />
<br />
E-mails are also a rich source of corporate secrets. In this heightened competitive business environment, corporate espionage targets e-mails as sources of strategic plans, upcoming projects, transactions details and other valuable business data. <br />
<br />
<b>How are E-mails Hacked?</b><br />
<br />
There are various techniques that can be applied to hack into an e-mail account. Some are highly complex. I will however outline one of the most effective, and simplest, methods of how an e-mail account can be hacked into. Generally when hacking the rule of thumb is to make the attack as simple as possible because simplicity ensures faster access to the target device or account<br />
<br />
One of the most popular techniques is attacking an e-mail account through keyloggers. A keylogger poses a serious threat to any computer (tablet or smartphone) user because keylogger’s can be used to intercept passwords and other confidential information entered via the keyboard. <br />
<br />
Keyloggers are software programs that are designed to secretly monitor and log all the keystrokes a user makes on a computer’s password. Keyloggers did not start off as illegal hacking tools. System administrators in companies sometimes used them to track what employees did throughout the day. They were also used by law enforcement agencies to analyses and track criminal activities. <br />
<br />
Software keyloggers are introduced into the target computer through e-mails. A user receives an e-mail from either a known or unknown source. This e-mail will have an attachment which the user is requested to open or download. Once the attachment is double clicked the keylogger installs itself. A keylogger can also be installed via a web page or when a file is downloaded from peer to peer networks like Bittorrent. <br />
<br />
Once installed the keylogger will record all the keystrokes that the user makes and this will definitely include email passwords. It will then send this information to the hacker’s remote computer at pre-set times. With the username and password of an e-mail account it is easy the hacker has effectively hacked into the email account. <br />
<br />
Whether it is a corporate email or a free e-mail service like Gmail, keyloggers are very effective in obtaining log-in information. <br />
<br />
<b>How can you safeguard your E-Mails?</b><br />
<br />
Protecting against keyloggers requires the installation of an antivirus program and keeping it up to date. By installing an effective anti-virus you will safeguard your log-in credentials. <br />
<br />
However e-mails can also be intercepted in transit. To protect emails in transit the average computer user can install S/MIME (Secure/Multipurpose Internet Mail Extensions) in the computer. This is a protocol that secures your emails by using digital signatures and encryption. <br />
<br />
By digitally signing an e-mail it is possible to prove who the sender of that e-mail was. However this does not stop anyone from reading it as it transits through the internet. Encryption then comes in handy by making sure that the e-mail is unreadable during transit. The signing works in tandem with the encryption and this makes it extremely difficult to intercept and read the e-mail. <br />
<br />
For free to use web-based emails PGP (Pretty Good Privacy) is another appropriate solution for the ordinary computer user. It is a signing and encrypting software that works well with popular browsers like Chrome and Firefox and is widely used for encrypting and securing e-mails. The fundamental difference is that it embeds with your browser.<br />
<br />
Another solution that would defeat keyloggers would be to implement centralized encryption protocols that shift the encryption functionalities from the individual desktop to a dedicated e-mail gateway. An e-mail gateway is a server that connects two or more electronic mail systems and transfers messages between them. Encryption technology is integrated into these servers with other security components such as virus scanners and firewalls. This solution is however highly complex and expensive and would be best suited to a corporate organization.Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0tag:blogger.com,1999:blog-37146275.post-80343179877960164172012-03-25T21:27:00.002+03:002012-03-25T21:27:30.961+03:00KENYA BOASTS OF BEING THE "BIG BROTHER" OF THE EAST AFRICA COMMUNITY BUT THIS IS NOT IMPORTANT AT ALL.Below is a comment from Mr. Kimanga on a post titled "Kenyan Forensic Science Association" dated Friday, May 16, 2008. <br />
<br />
This post generated numerous comments and I thank you all who commented. <br />
<br />
Mr. Kimanga I do concur, as far as Forensic capacity is concerned the big brother is still snoozing away. If Uganda can develop this referral capacity in the region we shall all benefit. We support you. <br />
<br />
<i><b>Mr. Kimanga's Comment is as below.</b> <br />
<br />
<b>Kenya boasts of being the "big brother" of the East Africa Community but this is not important at all. When the big brother is still sleeping in a comfort zone, the little one is out and about making it big. Check out this............(see below article)<br />
<br />
Kenya needs to wake up to the plain reality, just a word.</b></i><br />
<br />
<br />
<i>Courtesy of Sunday Nation 25/03/02</i><br />
<br />
<b>UGANDA BIDS TO HOST REGIONAL FORENSIC CENTRE</b><br />
<br />
By AL-MAHDI SSENKABIRWA Sunday Nation Correspondent in Kampala (assenkabirwa@ug.nationmedia.com)<br />
Posted Saturday, March 24 2012 at 19:27<br />
<br />
Uganda has begun lobbying forensic experts from East African member states to support its bid to host the bloc’s referral forensic centre.<br />
<br />
Addressing regional forensic experts in Kampala on March 21, Uganda’s Criminal Investigations Director, Ms Grace Akullo, said the police force has a modern forensic laboratory that can handle all criminal investigation challenges in the region.<br />
<br />
“I am strongly convinced that our forensic department is better than others in the region and we are better placed to host the referral forensic centre,” she said.<br />
<br />
“The political will is there to improve it further so that it matches international standards.”<br />
<br />
As part of effort to strengthen forensic research, Ms Akullo said the police plans to acquire a fingerprint machine and integrate ICT in investigating cyber crimes.<br />
<br />
Plans are also underway to elevate the department to a directorate to attract more funding.<br />
<br />
The forensic experts, led by the officer in charge of peace and security at the EAC Secretariat, Mr Didacus B Kaguta, are in Uganda to assess the country’s readiness to host the Regional Referral Forensic Centre.<br />
<br />
The team includes one forensic expert from each EAC member state and two from Britain and Germany. <br />
<br />
Uganda and Rwanda are seen as the frontrunners to host the regional facility given the existence of modern forensic centres in both countries.<br />
<br />
The RRFC is a brainchild of the Council of East African Police Chiefs which, among other duties, addresses challenges in investigations, and strengthens forensic services and criminal justice departments.<br />
<br />
It also aims to ensure that EAC member states have harmonised forensic centres.<br />
<br />
The team has since visited the police forensic department in Naguru, a Kampala suburb, and will compile a report to be presented at the next Sectoral Council on Inter-State Security meeting for a final decision.<br />
<br />
Currently, regional governments spend huge amounts of money on forensic tests that are carried out abroad, mostly in South Africa and the UK.<br />
<br />
Furthermore, several criminal cases have been thrown out of court due to poor gathering of forensic evidence. Trained forensic personnel are also few and far between.<br />
<br />
For example, Uganda has only 70 scene-of-crime officers (Socos) who investigate the at least 99,676 criminal cases reported at police stations annually.<br />
<br />
Mr Kaguta said when the regional forensic centre is established, it will train forensic practitioners as well as disseminate information to all national forensic labs.<br />Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com1tag:blogger.com,1999:blog-37146275.post-27469608073988958312012-03-11T11:16:00.002+03:002012-03-11T11:16:41.516+03:00CONSUMER DATA PROTECTION IS YOUR RESPONSIBILITYMany Kenyan organizations are collecting and storing significant amounts of consumers’ personal data. Sectors such as banking, retail (supermarkets), hotels, utilities, hospitals and many others keep depositories of your personal data. Consumer data is extremely valuable to these organizations. Researchers, law enforcement agencies, credit reference bureaus, marketers and business competitors also value consumer data.<br />
<br />
The digital footprint you leave in various companies can be stolen and used for financial gain. As a consumer you would want to know when your data is being collected, what is stored and by whom, and how your data is being used. <br />
<br />
What you might not have known is that the global consumer data market is huge. In the United States alone, organizations spend more than $2 billion per year purchasing consumer data from data sellers. <br />
<br />
Buyers of consumer data are mainly marketers who use this data to better understand and predict consumer needs. Their main objectives are to improve their marketing effectiveness and to increase consumer loyalty to certain brands. <br />
<br />
Kenyan consumers are unfortunately not aware that their data is a valuable inventory. Consumer data protection and regulation on the other hand is non-existent. Consumer advocacy groups are lobbying but with minimal progress. It is therefore left to you, the consumer, to protect your data. <br />
<br />
There are five fundamentals you should ask any data collector you interact with. The first is Economy. You should request the data collector to justify the value they gain if they share your data. The second fundamental is Portability. You should demand that the company provides you with a copy of your data held by the organization. <br />
<br />
The third is Transparency. You should demand that the data collector tells you what consumer data they have about you and what they will do with it. The fourth fundamental is Security. It is your responsibility to ascertain whether your data is protected by technology and adequate governance policies. The fifth and final fundamental is Privacy which requires the data collector to respect your personal data and justify why you should trust them. <br />
<br />
These fundamentals transfer data security from IT professionals to you. It is no longer enough just to check the “agree” button so that you can get on with your bank account opening or property purchase. <br />
<br />
As electronic commerce and internet connectivity gains ground in Kenya, the market for data will become more lucrative. This will definitely be the new cybercrime frontier.Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0tag:blogger.com,1999:blog-37146275.post-51748460178517064952012-03-11T11:15:00.003+03:002012-03-11T11:15:49.508+03:00DATA ANALYTICS CAN HELP KENYA POLICE COMBAT CRIMECrime is dynamic. The hooligans of yesteryears used techniques that would be anathema to the hooligan of today. This dynamism is also reflected in the crime detection and investigation methods that are used by the police. This means that police forces are recognizing that use of modern techniques in combating crime is important and technology is at the top of the list. <br />
<br />
Analyzing data to enhance security goes a long way in preventing crime. Police forces all over the world are appreciating that analysis of stored data, together with real-time data gathered from the field, can greatly reduce incidences of crime. The Kenya Police should not be an exception. <br />
<br />
Data analysis combines various techniques such as data mining, predictive analytics, business intelligence and trend analysis.<br />
<br />
One area in which data analytics can be used is in pinpointing crime. By using Geographic Information Systems (GIS) in combination with software that can analyze criminal behavioral patterns, it is possible to determine when and where crime is most likely to take place.<br />
<br />
The police are subsequently able to make informed decisions on where to deploy resources such as plainclothes police personnel. This type of smart deployment means that more efficient usage of limited resources is possible. <br />
<br />
Another area data analytics can be effectively used is in accident prevention. Web-based CCTV data can help determine accident black spots. For instance when an accident occurs this data is stored in a server. The analytic software will then be able to collate the current accident data with historical data. <br />
<br />
If historical data indicates a trend of accidents in the same spot then these areas can be marked as certain black spots. Most black spots are rarely permanent. Identifying these constantly shifting black spots is possible with analytical software. <br />
<br />
Improved control is another area the police can apply data analytics. Large gatherings of people in various events such as national days, football matches or musical concerts require smart crowd control management. <br />
<br />
By using live CCTV imagery/data and comparing it with past event data, the police are better positioned to deploy appropriate resources to ensure the public is monitored and kept safe. An absence of this analysis results in an unprepared response to crowd unrest as witnessed in the recent football crowd tragedy in Port Said, Egypt.<br />
<br />
The use of data-analytics by the Police brings about clear benefits such as preventive crime control and better allocation of resources.Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0tag:blogger.com,1999:blog-37146275.post-53271399781759501952012-03-11T11:14:00.002+03:002012-03-11T11:14:24.642+03:00BEWARE OF SOCIAL MEDIA CYBER-STALKERSSocial media sites such as Facebook, Tweeter and Google+ have captivated many Kenyans. If you are not in updating your page or tweeting then you are not in touch with current trends. Social media gives you a ubiquitous presence. This means that your friends can converse with you at anytime and from any anywhere. <br />
<br />
The flip side of this is that you cannot totally shut out people you don’t want to interact with. When you ‘unfriend’ someone in acrimonious circumstances, the likelihood of that former friend becoming a cyberstalker is high. <br />
<br />
Cyberstalking is the use of electronic means to harass an individual or group of people. A cyberstalker harasses a victim through emails, phone calls, sms messages, Facebook posts and tweets. These messages are sent to the victim whether they are at home, school or work. <br />
<br />
Cyberstalkers intrude into a victim’s life in frightening or intimidating ways making the victim feel there is no escape. <br />
<br />
The effects of cyberstalking should never be under-rated. The psychological effect can be damaging and can result in psychological trauma regardless of whether the victim ever actually meets the stalker. <br />
<br />
It has been observed that the fears that result from cyberstalking depend on the individuals affected. However in male victims the most paramount fear is damage to their reputations. Female victims on the other hand are more likely to fear physical harm from cyberstalkers.<br />
<br />
Cyberstalking is not addressed as a specific crime in The Kenya Communications (Amendment) Act. Legislative change should therefore be initiated that allows police to compel Internet Service Providers (ISPs) to implement processes that deter harassers. This legislation should also force ISPs to surrender internet logs to authorities. <br />
<br />
Apart from legislation we need to appreciate that the police and ISPs are primary centers of responsibility in any cyberstalking crime. Police are supposed to provide an active response to stop the harassment and conduct investigations in case the crime is reported. ISPs are supposed to implement security technologies that prevent such harassment. <br />
<br />
Other stakeholders such as the CCK based Kenya Computer Incident Response Team (KE-CIRT) can contribute positively in cyberstalking investigations. <br />
<br />
As more and more Kenyans embrace social media and develop online relationships, cyberstalking becomes another online menace we have to contend with. <br />
<br />
Cyber stalking victims in Kenya should not be allowed to suffer in silence. By putting in place effective response and investigative structures, we can safeguard the online experience of many Kenyans. <br />Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0tag:blogger.com,1999:blog-37146275.post-33564456717099877302012-02-01T07:54:00.000+03:002012-02-01T19:31:20.449+03:00SHADOWY VIRTUAL TERRORISTS INVADE KENYA<br />
<b>Article written By JOHN OYWA in East African Standard (Underworld Magazine) of 1st February, 2012</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="http://1.bp.blogspot.com/-SC8VeeONdYE/TyloxnKDPGI/AAAAAAAABSo/MaZMaQmnqYI/s1600/undthumb010212.jpg" imageanchor="1" style=""><img border="0" height="120" width="95" src="http://1.bp.blogspot.com/-SC8VeeONdYE/TyloxnKDPGI/AAAAAAAABSo/MaZMaQmnqYI/s400/undthumb010212.jpg" /></a></div><br />
They pass for harmless, ordinary souls. Some cut the figures of suave business executives while others are shadowy introverts with insatiable love for computers.<br />
<br />
But behind the veil of innocence lies the faces of ruthless white collar criminals whose activities across the globe has cost governments and private companies billions of shillings in stolen data and fraudulent deals.<br />
<br />
They neither carry firearms nor use force on their victims. Yet this new breed of shadowy criminals have emptied bank tills, accessed secret government data and robbed individuals of hundreds of thousands of shillings — all from the comfort of their homes and cyber cafes.<br />
<br />
One of them, an Indonesian, struck Kenya last week, hacking and defacing more than 100 Government websites and posting a warning that he would be back soon, to inflict more damage.<br />
<br />
This was just a year after another hacker attacked and disabled the official police website.<br />
<br />
The Government played down the shocking attacks, saying they posed no threat to its databases even as experts warn that the incident could just be a tip of the iceberg as cyber terrorists and criminals turn their arsenals on third world countries.<br />
<br />
Highly exposed<br />
<br />
Criminologists and Information Technology security experts say that Kenya remains highly exposed to cyber warfare. They say the security of public data and security secrets were under threat more than ever before.<br />
<br />
The fact that the Indonesian hacker, who was described as an amateur, chose Kenya, spoke volumes.<br />
<br />
"The hacker may have found Kenya very vulnerable. It is evident he spent very little time to execute the assignment, an indication of just how much we are exposed as a country," says Mr Sylvanus Sewe, an IT forensic expert. Sewe says although no vital data was lost in the hacking, it greatly embarrassed the Government and dimmed its image in the ability to fight economic crimes. "It means many people may no longer trust Government sites because one cannot be sure if what he or she is reading has been manipulated by hackers," says Sewe.<br />
<br />
He adds: "I am imagining what will happen if such criminals could get access to the Kenya National Examination Council database containing national examination results or the Independent Electoral and Boundaries Commission data on election results."<br />
<br />
Last year a clique of employees and students of Kenyatta University hacked into the institution’s online database and altered examination results.<br />
<br />
Some final-year students bribed university employees to change their poor grades to enable them graduate. They manipulated passwords of former employees of the university, some of who were dead, to access the examination database.<br />
<br />
Falling victim<br />
<br />
Due to the alterations, the university struck off names of many students from those scheduled to graduate last December, sparking a legal tussle after the affected went to court to challenge the decision.<br />
<br />
A private university in Nairobi also suffered a similar incident after some Internet savvy students hacked into its financial database and changed fee balances. The University lost a lot of money because students with balances altered the records to show they had cleared their fees.<br />
<br />
Investigation indicates that cybercrimes, which vary from receiving of spam mails, hacking, espionage, viruses and using specific software to get information from individual, organisation or government was on a sharp rise in the country.<br />
<br />
With the online and mobile banking taking root in Kenya, cyber criminals have been smiling all the way to the bank.<br />
<br />
Industry players estimate that mobile money platform handles up to Sh7 billion per day, a chunk of which ends in the pockets of criminals.<br />
<br />
Another ICT security expert, Mr Muthoga Kioni, says cyber crime had become a huge threat because it was easy to execute.<br />
<br />
"Many young people are getting into cybercrime because it has minimal risks with maximum returns. They sit in their houses or cyber cafes and make millions within a few hours. They hardly get arrested," says Kioni.<br />
<br />
Kioni says a hacker needs only about six hours of research not only to break into the website, but to access the data base.<br />
<br />
"There are thousands of hacking tutorials in the Internet that helps hackers to learn new tricks," he says.<br />
<br />
The Internet thieves execute their acts by stealing vital information such as Pin Numbers and passwords to gain entry into the websites and even access bank accounts.<br />
<br />
But Communications Permanent Secretary, Dr Bitange Ndemo, downplays the issue, saying it was not as bad as was being portrayed.<br />
<br />
"The recent hacking of Government websites was unfortunate but little damage was done because the criminals did not access the data bases," he says.<br />
<br />
Disastrous prospects<br />
<br />
He explains that it was not easy for the hackers to gain access to Government databases containing vital information. "A website is just like a brochure advertising the services offered by the Government ministries. It has no data."<br />
<br />
The PS says it would be disastrous if the criminals could gain access to sensitive databases such as that containing M-Pesa details and transactions.<br />
<br />
"There is need to improve our cyber security and we are already doing this. It is also important for companies to put tough security framework to safeguard their internet data since most of cyber crime is committed through collusion with insiders," he says.<br />
<br />
Internal crime<br />
<br />
He says 60 per cent of cyber crime was internal and urged organisations to foster discipline and value system to counter the problem. "If we avoid the 60 per cent then we will be very safe," he adds.<br />
<br />
Industry players point fingers at the Government’s ill preparedness in fighting cyber security.<br />
<br />
"The truth is that we have big loopholes. In other countries, the police have high technical crime unit that deals with cyber crime and other organised economic crimes. In Kenya, we still concentrate on physical security than technical crimes," says Kioni.<br />
<br />
The initial Cyber Crime Unit, which was established at the CID headquarters in early 2000, is no longer operational. Officers who had been attached to the unit either resigned and were hired by financial institutions or were redeployed to other departments.<br />
<br />
But Ndemo says adequate measures have been put in place to fight the cyber crime in the country. He cites the establishment of the National Computer Emergency response Team (KE-CERT) and the e-government secretariat as some of the interventions.Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0tag:blogger.com,1999:blog-37146275.post-28598245351214212642012-01-30T16:05:00.001+03:002012-01-30T16:05:48.496+03:00GOVERNMENT WEBSITES AND SYSTEMS SHOULD BE ‘HARDENED’Over 100 government websites were defaced by an Indonesian hacker in January 2012. This is a harbinger of things to come. As more organizations get online hackers will test their hacking skills and the government is a target like everyone else. <br />
<br />
This incident informs us that government websites need to be hardened. The government should ensure that its websites are well protected from any intruder who might try to hack and steal data contained therein. <br />
<br />
Apart from defacing websites, hackers usually move on to the next stage by attempting to penetrate the database(s) that sit behind websites. <br />
<br />
Securing the data in these websites is a basic but another fundamental is that this data should be encrypted. Most of the government sites that were defaced have a user login feature that allows authorized users to log in and for instance check their mails. This kind of sensitive data is what should be encrypted. <br />
<br />
Government web developers should also make sure they are using the right coding methods. Web developers can unknowingly leave their websites at risk in various ways. One way is by leaving ‘open doors’. <br />
<br />
An open door could be an administrator password that has been left as a comment in the source code. By looking for these commented codes a hacker will be able to log in and access valuable data. <br />
<br />
Where you host your site is crucial in determining the security of a website. Websites are hosted on servers. A ‘weak’ server is a vulnerability waiting to be hacked. Evidently the server in which the government domain is hosted in was not secure. <br />
<br />
This episode should be a wake-up call. As more and more Kenyans embrace the internet, the subsequent development and adoption of e-commerce will ensue. It will soon be possible to pay for government services online. Instead of going to a supermarket we shall be able to shop online and have the shopping delivered to our homes. <br />
<br />
The monetary motive for sophisticated hackers to target our systems will then exist. Opportunity is already present because most of our websites and systems are note secure. This will leave many Kenyans vulnerable to online scams and fraudsters. <br />
<br />
It is imperative that Government takes up the gauntlet and develops a fully fledged High Tech Crime Unit in the Kenya Police. This unit should be the first responder and of more importance should aim at mitigating threats to our national ICT security. <br />Benson Muthoga Kionihttp://www.blogger.com/profile/08056025576527927787noreply@blogger.com0