what i do?

Am an Information Risk Consultant and Penetration Tester, i specialize mostly in penetrating secure networks/computer systems where i simulate an organized professional attack against your organization, where after that a detailed report with weakness and exploited vectors are summarized. This will help you gain control over your infrastructures security and maximize your protection.

Thursday, January 08, 2015

CYBERWARFARE WILDERNESS Part 1

 Welcome to Cyber Warfare Jungle

Over the past decade, organizations, countries and other adversaries against nations, have used Human Intelligence and On-ground Operations for CI (Counter Intelligence) and CT (Counter Terrorism) and frameworks like C4ISR were never heard of. Right now adversaries are using newer methodologies, tradecrafts, and collection techniques that most of the old folks leading the governments or leaders in the private sectors have no idea of, where as, these adversaries are specializing in computer network attacks and exploitation. lets take an example of what happened last year on November.




And then the Chinese Envoy =>>


Now several Chinese guys were arrested in several houses, with serious Internet speeds, servers and laptops. We all do know the Chinese are involved in a lot of CI than any other country, thats including the US.

So what the Estimate of the problem as far as CyberWarfare is concerned?

a) More than 100 countries are fully and actively involved on Intelligence Gathering, Cyber Warfare tactics across the globe.

b) China, Russia and India are known to be on top of Cyber Warfare capabilities with the recent growth of South Africa on tail with their new department called ComSec, which a wing on the Defense and Security Apparatus.

c) We have seen several occasions where individuals from different countries involved with Espionage, arrested and convicted with such charges.

d) Strings of Cyber Hacktivism and increase of Hate Speech on the Internet especially on social media.

e) Use of Social media to push in agenda via use of rogue persona's

f) Hackers breaking into financial firms and holding the organizations hostage or blackmailing the leading teams.

g) Growth of Cyber-jihadis by different terror groups across the globe


So nowadays, this is no longer a threat to just the governments, its largely becoming a huge problem for the private sector, since most of the infrastructures, business opportunities and ideas, innovations, commercial secrets regardless of classified or not.

As a nation, its important to safeguard what is ours, by deploying Countermeasures and Risk management strategies, Counter intelligence discipline, Operational security planning and best practices to protect our people facilities and information.

Now lets talk a little on incidences inside Kenya that have shown tendencies of Cyber Warfare. and before i do that, lemmie list down the examples of Cyber Warfare tactics that you might need to familiarize yourself with. (This is dedicated to the media, cause they write stuff, that don't make sens)

1. Cyber Hacktivism
2. Cyber Vandalism
3. Information Warfare
4. Cyber jihad / Cyber Terrorism
5. Cyber Espionage
6. Cyber Proliferation

Lets try give examples of each as far as 2014 was concerned and concentrate only with +254 region.

Cyber Hacktivism.

Several hackers are coming up lately especially in Nairobi. Several of them are defacing websites, DDOSing services and defacing social media accounts to push Agendas. Most of these guys are members of the Anonymous.



 Here we have a defaced sites, that pushed the twitter defacements on different verified government handles, out of action.




This resulted to Communications Authority, planning on opening of National Joint Cyber Command Center, which by now hasn't even seen the light of day.

Then late last year, this attack was on call for some officials to leave office, which was also pushed a lot on social media as Kenyans showed lack of confidence, on their leadership.



 Cyber Vandalism

This has been seen a lot on social media where several Kenyans have used this platform to insult officials in the office, defaming posts and comments, fake pages to undermine the and several pages to undermine exes etc.

Lets start with the latest on #AlanWadi

 There are so many other examples online that i cant post here, but at least you are getting the idea.




 Information Warfare


Maybe you have seen lately, how people on twitter mobilize demonstrations that push the government to change some views. That is just a small type of info-wars. Mainly, this tactic is used to push an agenda or rather propaganda or even PR. Countries also use this tactic a lot, e.g United States, they get real good PR on Movies and TV Shows + Music Videos, but when you go there, your eyes get opened, what you read and watch on TV is not what you get.

So, late last year, some leaked information about some several GoK bloggers had made thousand of persona to push #hashtags that were supposed to suppress what the activists was posting on-line.








These are just examples, we already know a lot is going on, thats is actually a tug-of-war especially on Twtter and its happening everyday.




Anyway, long night, on the next blog post, i will give a few examples of the three remaining topics,

4. Cyber jihad / Cyber Terrorism
5. Cyber Espionage
6. Cyber Proliferation

Thankful,

Next up, CYBERWARFARE WILDERNESS Part 2