#hacking | NTSA arrests reveal reluctance to upgrade number plates system

Source: National Cyber Security – Produced By Gregory Evans

The government has, since 2015, been planning to produce new-generation number plates that would be impossible to copy.

The proposed plates would have anti-counterfeit features that include holograms, watermarks, and laser markers which, if implemented, would provide the necessary checks against double registration of cars.

When they were arrested in Ngara, Nairobi, Michael Onyango Oduor, 54, and Sylvester Onyango, 30, were found actively trying to hack the NTSA website and the Transport Information Management System (TIMS). The third suspect, 33-year-old Antony Rugut Korir, was picked up at the NTSA offices, where he works at the call centre.

He is suspected of having assisted the hackers in accessing the NTSA network.

After the arrest, detectives recovered Sh1.18 million in 100 US dollar bills, three motor vehicles and a fibre laser cutting machine used to cut number plates.

A compressor machine that was being used for painting number plates, one number plate, five desktop computers, laptops, logbooks, modems, hard drives and flash drives were also recovered.

But even as the NTSA grapples with the menace of fake number plates, the correctional services department under the same Interior ministry is on the spot for failing to initiate production of the new-generation number plates.

The government has, for the past five years, been seeking to replace the current plate production system, whose loopholes crooks have exploited to steal cars or dump cars meant for export in the country.

The current system produces 1,000 pairs of licence plates per day, as opposed to a new generation system that could make 6,000.

In 2015, the state department for correctional services advertised for the supply of raw materials for number plate blanks and hot stamping foils.

However, the tender was challenged in court and the matter was finally settled in 2017.

The Attorney General advised that the tender be awarded to the initial winners as per the High Court ruling.

President Uhuru Kenyatta visited Kamiti Prison in February 2017 and was shown machines for the new generation number plates.

In March 2019, the parliamentary committee on security also made a similar visit, but not much has been heard from the government since then.

Despite the noble plans, the old number plates continued to be issued. The reason given is that the laser marking machine is yet to be delivered.

Sources indicate the machine was ordered in 2018 but the firm that won the tender, Tropical Technology Limited, is yet to deliver.

According to sources in the prisons department, the company declined to deliver the machine despite having imported it, after the prisons department declined to issue a local purchase order.

“Production and roll-out of new-generation number plates was rescheduled to commence on July 1, 2018, but could not be executed until the process of procuring the laser marking machine – which is for validating licence plates – had been concluded. In July 2019, the department of correctional services declined to accept a consignment of number plate blanks from Tropical Technology in fulfillment of their order, even though it had accepted the previous two consignments from the company,” said a source.

Last year, the government sent a delegation to Germany with the aim of buying a new machine but, according to sources, they were advised that the machine they were looking for produces 30 million plates a year and would require several countries to come together.

NTSA was hived off the Kenya Revenue Authority in 2012. According to sources, the move delinked the entire vehicle importation, declaration, inspection and registration process, with disastrous consequences for the security of the country.

“Now importers and motor vehicle dealers do not fear or bother about KRA in their schemes to import and declare motor vehicles as transit goods meant for South Sudan, Rwanda or Congo.

“Once they get to Busia or Malaba border, the cars are hidden, the paperwork is perfected, transit bonds cancelled and customs entry into Kenya is retired and archived.

“The crooks create a fictitious entry in the system and take them to NTSA.

“The fellows in ICT at NTSA deploy a malware or manipulate the registration system to allow the insertion of special characters such as dots, commas and apostrophes during the input of the chassis number.

“The TIMS can’t detect that the chassis number is for a motor vehicle that was meant for transit to a second country,” said the source.

The most lucrative cars are those with high engine capacity such as Range Rover, Toyota Prado, Audi, BMW, Porsche and Jaguar.

They are illegally diverted to the local market and registered without paying tax.

Insiders said separating the vehicle importation process from registration was a big mistake.

NTSA should have been left to manage the licensing, registration and transfer of vehicles from one owner to another.

“The delay in implementing the new number plate registration process is deliberate. KRA is forced to release cars from Mombasa port before they have number plates, which gives crooks at the NTSA leeway to tamper with the declaration and registration process,” said another source.

Efforts to get a comment from NTSA Director-General George Njao were fruitless as our calls and text messages went unanswered.

Last week, the National Police Service disclosed that it was trying to impound about 450 vehicles registered illegally to evade paying tax.

Unscrupulous businessmen colluded with rogue employees to infiltrate the NTSA website and fraudulently register vehicles.

NTSA admitted that its database had been infiltrated and that some vehicles got into the system without following the laid-down procedures.

NTSA, in a statement, listed 37 names of individuals and companies whose data was used to register vehicles fraudulently.

The scandal raises questions on the safety of motorists’ data in the TIMS register.

Just last year, the then Interior CS Fred Matiang’i called for investigations after it emerged that some NTSA employees had colluded with KRA officials and car dealers to clone car number plates.

One of the cars with duplicated plates was used during the Dusit D2 attack.

The NTSA circular listed 42 vehicles issued with new number plates when they were destined for other countries including South Sudan, Uganda, Malawi, Burundi, the DRC and Tanzania.

Last year, police impounded hundreds of vehicles after it emerged that their number plates had been cloned or they were fraudulently registered.

Some 19 NTSA employees were arrested in connection with the plate-cloning ring, but they were later released.


#nationalcybersecuritymonth | Why Cyber risk is the number one business risk in 2020


In January the Information Commissioner’s Office (ICO) fined DSG Retail Limited (DSG) £500,000 after a ‘point of sale’ computer system was compromised as a result of a cyber-attack, affecting at least 14 million people.

An ICO investigation found that an attacker installed malware on 5,390 tills at DSG’s Currys PC World and Dixons Travel stores between July 2017 and April 2018, collecting personal data during the nine-month period before the attack was detected.

The company’s failure to secure the system allowed unauthorised access to 5.6 million payment card details used in transactions and the personal information of approximately 14 million people, including full names, postcodes, email addresses and failed credit checks from internal servers.

Because the data breach occurred before the General Data Protection Regulation (GDPR) came into effect, DSG were found to have breached the earlier Data Protection Act 1998.

The ICO cited poor security arrangements and a failure to take adequate steps to protect personal data. This included vulnerabilities such as inadequate software patching, absence of a local firewall, and lack of network segregation and routine security testing.

The ICO said that the contraventions in this case were so serious that they imposed the maximum penalty under the previous law, but the fine would inevitably have been much higher under the GDPR.

The ICO considered that the personal data involved would significantly affect individuals’ privacy, leaving affected customers vulnerable to financial theft and identity fraud. The ICO received 158 complaints between June 2018 and November 2018 from DSG’s customers. As of March 2019, the company reported that nearly 3,300 customers had contacted them directly in relation to this data breach.

The ICO stressed that while cyber-attacks are becoming more frequent, organisations still have responsibilities under the law to take serious security steps to protect systems, and most importantly, people’s personal data.

This incident will have cost DSG a great deal, both in direct costs to deal with the breach and in terms of its reputation. DSG may also face claims from its customers, especially given the ICO’s findings of poor security.

Given such incidents it’s unsurprising that the threat of cyber attacks is keeping many business leaders up at night and, sadly, if business leaders aren’t worried, then they aren’t paying attention. In fact, the latest Allianz Risk Barometer 2020 from insurers Allianz – which identifies the top corporate risks for 2020 – highlights cyber risk as the number one business risk for 2020. Seven years ago cyber risk was ranked just 15th.

A top priority for all businesses in 2020 must be to take all reasonable and practicable steps to make their businesses as cyber risk proof and as resilient as possible. There’s plenty of guidance and support available – the National Cyber Security Centre (NCSC) promotes Cyber Essentials, which should be a first port of call for any SME (

Businesses should also consider whether they should take out cyber insurance. It should not be assumed that cyber risks are covered in your existing insurance policies.

A number of cyber policies are now available, and a specialist insurance broker should be able to assist you and help explain what’s available and what is and is not covered. Such policies can help protect against financial losses (including for business interruption, privacy breach costs, cyber extortion, hacker damage, and media liability), but many also offer assistance at the time of an incident, e.g. by providing cyber forensic support.

Such policies do pay out – last year the Association of British Insurers revealed that 99% of claims made (207) on ABI-member cyber insurance policies in 2018 were paid – this is one of the highest claims acceptance rates across all insurance products.

As the NCSC advise:

“Organisations that are considering cyber insurance should understand that it will not protect you from an attack, but it may provide you with additional resources during and after an incident. So cyber insurance can be considered as an additional risk management tool, but do take time to:

  • understand the scope and scale of the cover provided
  • ensure that you are able to meet any operational requirements placed on you by the insurer”

As always when buying insurance, you need to read the fine print of the cover. Crucially, you must also ensure you meet any security or other IT requirements placed on you by the insurer. If you have pre-existing IT issues you knew or ought to have known about and these lead to a breach of security, you are unlikely to be covered.

Insurance is not a panacea, of course. You need to implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks your organisation faces. This is required by the General Data Protection Regulation (GDPR) in any event where you process personal data.

Ensuring your business is protected against cyber security risks should be a recurring New Year’s resolution, no matter what type of business you run.

Simon Stokes

Simon Stokes is a Partner with law firm Blake Morgan. He leads the firm’s technology practice in London and specialises in information technology law.


#nationalcybersecuritymonth | Growing The Number Of Students In The National CyberPatriot Program

DETROIT – Michigan’s IT professionals already know about the crucial shortage of properly trained and educated cybersecurity professionals. In fact, you can’t open a newspaper, or a browser, without seeing an article publicizing the critical shortfall of cybersecurity workers. Worse, the gap shows no sign of […]

#cyberfraud | #cybercriminals | The number of Black Friday scams is increasing and they’re becoming more sophisticated

With a rise in the number of shops offering Black Friday bargains, security experts say scammers are capitalising on the trend in the hope of conning shoppers. Experts say fraudsters are becoming ‘more sophisticated’ in their attempts to con people out of their hard-earned cash, […]

#cyberfraud | #cybercriminals | Cybersecurity: Hostile nations responsible for ‘significant’ number of attacks against UK organisations


The National Cyber Security Centre (NCSC) has helped UK organisations fight over 600 cyber attacks over the course of the last year, with hostile nation-states blamed for a ‘significant’ number of the attempts at hacking UK-based targets.

The NCSC Annual Review 2019 sheds a light on some of the work the cyber arm of GCHQ has done over the last year to help protect the UK from malicious cyber activity and reveals that it handled 658 incidents in the last 12 months, providing support to almost 900 victims of cyber attacks.

Some of the cyber attacks which have targeted the UK in the past year include a phishing scam posing as an airport refund email which attempted to defraud over 200,000 people, nation-state backed hackers attempting to steal intellectual property from universities, and a ransomware attack against the police.

It takes the total number of cyber incidents the NCSC has dealt with since it opened its doors in 2016 to almost 1,800 as cyber criminals and other malicious threat groups continue to target the UK.

For the first time, the NCSC has detailed the sectors it has most commonly been called on to support in reaction to incidents. Government is the top target for cyber attacks, followed by academia and tech companies. Managed service providers are the fourth most common organisations which the NCSC has helped with cyber incidents, followed by transport and health in joint fifth place.

“From handling more than 600 incidents – many from hostile nation states – to equipping the public with the tools they need to stay safe online, we are employing our expertise on a number of fronts,” said Ciaran Martin, chief executive of the NCSC.


The report lists Russia, China, Iran and North Korea as hostile states actively targeting the UK with cyber attacks, following the NCSC strategy of calling out countries conducting attacks.

The NCSC is also trying to keep individual users safe from cyber attacks and has revealed one way it has been doing so is with something called the Haulster operation which automates defence of credit cards by flagging fraudulent intention against them.

Haulster takes stolen credit card data collected by the NCSC and its partners and returns information about them to banks – often before being used for crime, allowing financial institutions to protect users from their money being stolen. So far, this operation has flagged fraudulent information against a million stolen credit cards and the NCSC aims to increase the scope of the operation.

The NCSC also continued with its policy of Active Cyber Defence (ACD), a strategy designed to ensure there are fewer cyber attacks in the world, causing less harm to users in the UK and beyond in the process.

A major element of this is a takedown service which stops phishing and other malicious websites from operating as soon as possible by contacting the web host and getting the sites removed from the internet.

According to the annual report, 98% of phishing URLs – 177,335 of them – discovered by the takedown service were successfully forced to stop operating. In 62% of cases, this happened within 24 hours of the website being deemed to be malicious.

The fight against these malicious domains means the UK only accounts for 2% of the websites hosting phishing scams around the world – down from 3% last year and 5% when the NCSC started operating.

However, despite a number of successes from the NCSC, the organisation isn’t under any illusion that the fight against cyber attacks and hacking is anywhere near over, and everyone has a part to play in the battle.

“Looking ahead, there is also the risk that advanced cyber attack techniques could find their way into the hands of new actors, through proliferation of such tools on the open market,” said Martin.

“Cyber security has moved away from the exclusive preserve of security and intelligence agencies towards one that needs the involvement of all of government, and indeed all of society,” he added.


Tinder #vulnerability allows #hackers to take over #accounts with just one #phone number

Source: National Cyber Security News

After it was reported last month that online dating app Tinder had a security flaw which allows strangers to see users’ photos and matches, security firm Appsecure has now uncovered a new flaw which is potentially more damaging.

Infiltrators who exploit the vulnerability would be able to gain access to users’ accounts with the help of their login phone number. The issue has, however, been fixed after Tinder was alerted by Appsecure.

Appsecure says the hackers could have taken advantage of two vulnerabilities to attack accounts, one in Tinder’s own API and the other in Facebook’s Account Kit system, which Tinder uses to manage logins.

In a statement sent to The Verge, a Tinder spokesperson said, “Security is a top priority at Tinder. However, we do not discuss any specific security measures or strategies, so as not to tip off malicious hackers.”

The vulnerability exposed the access tokens of the users. If a hacker is able to obtain a user’s valid access token then he/she can easily take over a user account.

“We quickly addressed this issue and we’re grateful to the researcher who brought it to our attention,” The Verge quoted a Facebook representative as saying.


All That’s Needed To Hack Gmail And Rob Bitcoin: A Name And A Phone Number

Hackers have proven just how urgently a gaping flaw in the global telecoms network, affecting what’s known as Signalling System No. 7 (SS7), needs to be fixed. In a video demonstration, shown to Forbes ahead of publication today, benevolent hackers from Positive Technologies were able to […]

The Number of Employment-Related Identity Theft Victims Is Significantly Greater Than Identified


WASHINGTON — Internal Revenue Service (IRS) processes are not sufficient to identify all employment identity theft victims, according to a report issued today by the Treasury Inspector General for Tax Administration (TIGTA). Employment-related identity theft occurs when an identity thief uses another person’s identity to gain employment. Taxpayers may first…


Random number generation poses hacker challenge

The best way to protect sensitive systems from hackers is to use a cryptographic key. For this lock to work it needs to use numbers chosen at random without any structure. This is difficult, but a new system is at hand. To communicate in secret a […]

Turkish government delays to announce number of child abuse cases

At least 4 different cases of child abuse were revealed in Turkey only in April this year. A 14-year-old middle-school student in the city of Amasya, for instance, was taken to …
