CIO East Africa was among the media outlets that broke the news of a widespread hacking that happened yesterday to the Kenyan Government websites. Apparently all the websites are hosted in one server without any redundancy or good security. Once the server was compromised by the hacker all the websites became vulnerable and were brought down all in one night, well it was during the day here.
The Hacker, Direxer from Indonesia calls this his Black hat SEO method of getting traffic to his blog. He also promises more to come if the said Kenyan Government websites do not employ better security measures.
He had this message to CIO East Africa in thanks:
Thanks for the CIO who has written a story about hacking. I rarely make my own writings on the web.I only use the Blackhat SEO techniques so that my blog good traffic. and I will carry out attacks onother servers if the Government is still neglectingsecurity. My Security Code on behalf of Indonesia,Security is a necessity.
Website security has been an item of concern as we had the Kenya Police website hacked, a show of neglect and utter unprofessionalism by the people in charge. We wonder what would happen to government web systems that would compromise on personal data including personal details like names, phone numbers, Pin numbers and financial details.
[…] Kictanet https://techweez.com/2012/01/18/hacker-thanks-cio-east-african-writer-for-exposing-his-blog-to-tr… ShareShort URL: […]
Why don’t the government websites just use open-source cms such as Joomla and Drupal?
I used to code my sites line by line and the hacking never stopped.
You will be surprised to find like all govt websites run on joomla, but they rarely upgrade to cover for security fixes, hence the vulnerabilities. Some others just have weak passwords.
This is really scary. I wonder if there are enough personnel in the police department trained to help curb such incidence of widespread attacks.
Anyway sometimes, giving little attention to the basic online security tips leads to double work. This reminds me when I had a WP blog with a very weak password and admin as the user name.
Someone would not let a hacking opportunity pass by.
I dont think it has much to do with the Police in this case but the departments and personnel responsible for handling the security for the public office platform. I mean, do we even have laws to this effect?
Comments are closed.