AUTHOR’S NOTE:
Be wary of laptop thieves. Word on the street is that that they operate as a cartel & frequent offices that are outside the Central Business District in the evenings when people are leaving the office because that’s when they can’t be easily noticed or questioned. The man is still at large.
AUTHOR’S NOTE:
The Kenya Police website is still down, three days after hackers attacked the site indicating just how unsecured it has been. Following the initial entry, the site has suffered a series of hacks with different disparaging messages posted on each occasion. International technology blogs picked up the story, driving more traffic to the site, which ultimately brought it down for hours. As NTV’s Larry Madowo reports, it’s a curious case of the word ‘password’ being used as a password.
DISCLAIMER:
Reposted with permission from gmeltdown. The original article can be found here…
Tricksters & dishonest people have always existed in our midst. It is definitely naive to imagine our techno-savvy way of life is an exception to the old age social patterns. This afternoon, an M-Pesa agent was a victim of a new line of M-Pesa fraud.
On Febuary 1st, 2009 in a peri-urban setting about 24 kilometres from the Nairobi City Centre:
A number of discrepancies have since been highlighted on the fake M-Pesa SMS which is copied & pasted below:
P47DT685 confirmed on 01/02/2010 at 2:20 PM Give KSh 35,000 to DANIEL MAINA New M-Pesa balance is Kh 42,049
Sender:MPESA +254771831462
I shal leave the analysis of the text & resulting fraud to the reader for now.
According to the Safaricom M-Pesa support person, the M-Pesa attendant only has to count their loss as no indemnity is payable to the attendant for their predicament. When the known Safaricom / M-Pesa representative for the affected region was contacted, they disowned the “supervisory” visit by the lady & gentleman 20 minutes before the “withdrawal” was requested. I wonder how many more M-Pesa agents have fallen pry to this new M-Pesa trickery?
AUTHOR’S NOTE:
According to a new analysis, one out of every five Web users still decides to leave the equivalent of a key under the doormat: they choose a simple, easily guessed password like “abc123”, “iloveyou” or even “password” to protect their data.
This suggests that hackers could easily break into many accounts just by trying the most common passwords. Because of the prevalence of fast computers & speedy networks, hackers can fire off thousands of password guesses a minute!
The World Telecommunications & Information Society Day was held on Sunday 17th May & the theme was on “Protection of Children in Cyberspace…”
This led me to wonder how we’re protecting our young ones from mobile content now that there’s a lot of adult stuff sold on mobiles e.g. wallpapers, tips on relationships, dating services etc.
Children now have access to both web & mobile (with mobiles being harder to monitor).
Who out there is working on such issues?
WASHINGTON – Wanted: Computer hackers.
Federal authorities aren’t looking to prosecute them, but to pay them to secure the nation’s networks.
General Dynamics Information Technology put out an ad last month on behalf of the Homeland Security Department seeking someone who could “think like the bad guy.” Applicants, it said, must understand hackers’ tools and tactics and be able to analyze Internet traffic and identify vulnerabilities in the federal systems.
In the Pentagon’s budget request submitted last week, Defense Secretary Robert Gates said the Pentagon will increase the number of cyberexperts it can train each year from 80 to 250 by 2011.
With warnings that the U.S. is ill-prepared for a cyberattack, the White House conducted a 60-day study of how the government can better manage and use technology to protect everything from the electrical grid and stock markets to tax data, airline flight systems, and nuclear launch codes.
President Barack Obama appointed a former Bush administration aide, Melissa Hathaway, to head the effort, and her report was delivered Friday, the White House said.
While the country had detailed plans for floods, fires or errant planes drifting into protected airspace, there is no similar response etched out for a major computer attack.
David Powner, director of technology issues for the Government Accountability Office, told Congress last month that the U.S. has no recovery plan for a digital disaster.
“We’re clearly not as prepared as we should be,” he said.
Administration officials says the U.S. has not kept pace with technological innovations needed to protect its computer networks against emerging threats from hackers, criminals or other nations looking for national security secrets.
U.S. computer networks, including those at the Pentagon and other federal agencies, are under persistent attack, ranging from nuisance hacking to more nefarious assaults, possibly from other nations, such as China. Industry leaders told Congress during a recent hearing that law enforcement and other protections are too outdated to fend off threats from criminals, terrorists and unfriendly foreign nations.
Just last week, a former government official revealed that spies had hacked into the U.S. electric grid and left behind computer programs that would let them disrupt service. The intrusions were discovered after electric companies gave the government permission to audit their systems, said the ex-official, who was not authorized to discuss the matter and spoke on condition of anonymity.
Cyberthreats are also included as a key potential national security risk outlined in a classified report put together by Adm. Mike Mullen, chairman of the Joint Chiefs of Staff. Pentagon officials say they spent more than $100 million in the last six months responding to and repairing damage from cyberattacks and other computer network problems.
Nadia Short, vice president at General Dynamics Advanced Information Systems, said the job posting for ethical hackers fills a critical need for the government.
The analysts keep constant watch on the government networks as part of a program called Einstein that was initiated by the Bush administration under the U.S. Computer Emergency Readiness Team.
Short said the $60 million, four-year contract with US-CERT uses the ethical hackers to analyze threats to the government’s computer systems and develop ways to reduce vulnerabilities.
Faced with such cyberchallenges, Obama ordered the 60-day review to examine how federal agencies manage and protect their massive amounts of data and what the government’s role should be in guarding the vast networks that control the country’s vital utilities and infrastructure.
Over the past two months, Hathaway met with hundreds of industry leaders, Capitol Hill staff and other experts, seeking guidance on what the federal government’s role should be in protecting information networks against an attack. She sought recommendations on how officials should define and report cyberincidents and attacks; how the government should structure its cyberoversight; and how the nation can increase security without stifling innovation.
A task force of technology giants, including representatives from General Dynamics, IBM, Lockheed Martin and Hewlett-Packard Co. urged the administration to establish a White House-level official to lead cyberefforts and to develop ways to share information on problems more quickly with the private sector.
The administration has struggled with the basics, such as who should control the nation’s cyberspace programs. There appears to be some agreement now that the White House should coordinate the overall effort, rejecting suggestions that the National Security Agency take it on – a plan that triggered protests on Capitol Hill and from civil liberties groups worried about giving such control to spy agencies.
DISCLAIMER:
Reposted with permission from Becky. The original post can be found here…
I think it has become slightly safer for people to talk on phone while walking downtown Nairobi. After seeing their comrades beaten to death over cheap phones, I guess the thugs have changed tact.
But it does not mean that the thieves have abandoned their trade, they have just become sharper; the steal the phones that are more expensive.
My friend Muthoni, made us laugh the other day when she told a story of how the thugs in the estates have learned the value of the phone by the ringtone.
Her story was that there was this woman going home one day in Dandora estate, and she was passing through an alley. It was at 7 pm so there were many people walking to and from the shops, acting busy.
Though her phone was ringing, she could not pick because of the four men who were walking with her group. So the phone annoyingly rung and it was apparent that she was fearing that her phone might just go.
Put off by the ringing or failure to remove the phone from the bag, one guy said, “Mama oya thimu ithuii tutiendaga Motorola.” (Just pick up the phone we are not interested in your Motorola).”
But if its a Nokia, they know the series by the ring tone and they just kindly ask you to pretend you are relatives and just hand over the phone! They even force you to hug them as they rob you in front of everyone.
Others are able to tell the kind of phone when its in the pocket; depending on the shape it projects in the pocket.
The tips are apparent; don’t wear tight trousers then slide the phone in the pocket, unless you want to invite the crooks. If you can, let the phone be on vibrator or the single beep then vibrator otherwise the phone will just go.
AUTHOR’S NOTE:
This is a message I came across a mailing list I’m a member of & I thought it might be worth sharing with you readers. Anybody come across something similar?
“Wanabidii,
I have two friends who received threatening Sms Messages purporting to originate from hired killers. The messages originated from different numbers and I have been thinking that its a new type of fraud because in one of the instances, the ‘Killers’ requested for 30,000 to be sent via Mpesa to a particular number so that any further action can be forestalled. The sms message from the number 0735974157 read as follows…
‘Okey !! There is a fellow business man . who is behind your life. Am a killer if you want help call us now.’
In case you call and happen to be very scared you can imagine that you will just fall into their trap and they will get to know more about you and progress further with their threats. However if you ignore such a message they could just re-send once more before they give up.
My friend happened to have been going through a legal dispute case and so it appeared so real to her. She called to find out the details but that made things worse and for a number of days she could not eat and was really scared. She reported the case to the police for investigation. My other friend who had got almost similar message just wondered who would want to ‘Kill’ him and for what reason. He just ignored the second message sent to him and I therefore thought to myself that this is just a case of attempted sms fraud.
The fraudsters know that people have problems of every kind so they chance to prey on unsuspecting people who may be conned out money easily. I think the 30k Mpesa amount is carefully chosen as this is the max limit one can send in a single transaction. In case anyone has come across such types of messages please report appropriately to the police and mobile service provider.
Please also share in this forum so that we can get to know the extent of the problem. Is there a journalist in this forum who can investigate this scam and publicise accordingly? I can imagine there are people out there suffering silently.
MM”
The Internet may not be such a dangerous place for children after all.
A task force created by 49 U.S. state attorneys general to look into the problem of sexual solicitation of children online has concluded that there really is not a significant problem. The findings run counter to popular perceptions of online dangers as reinforced by depictions in the media.
Full story: http://www.iht.com/articles/2009/01/14/america/net.1-407132.php
The 411... 