UK GOVERNMENT MUST INVEST ON CAPACITY BUILDING TO FIGHT CYBERCRIMES – Dr. ALI.

Dr. Ali, My digital forensics investigation lecture during my bachelor degree argued the UK government to invest on skills and police resources to tackle cybercrime. He started with the statistics by saying; the cost of cybercrime to the UK economy is around £27 billion per year, around 2% of national GDP. Some experts suggest this is too small, excluding as it does important vectors of cybercrime such as malware.

Computer security firm Norton estimates that more than 12.5m people in the UK fall victim to cybercriminals every year – 34,246 cases each day – with an average loss of £144 each. Again, this is probably an underestimation when one considers that many people will be victims of hacks or malware without ever knowing, and so they go unreported.

A global study conducted by the UN Office of Drugs and Crime reported rates of cybercrime including hacking leading to theft and fraud at rates of up to 17%, significantly higher than rates of their conventional equivalents at less than 5%.

Fighting cybercrime is by no means easy. The wide range of technologies and vectors of attack available to cyber-criminals and the cross-border nature of these crimes make investigating them difficult. The fragile nature of digital evidence complicates matters, tracks and traces that skilled cybercriminals can erase behind them. And the intrusive nature of investigating cybercrimes – which typically requires removing computer equipment for analysis – raises privacy issues that make digital forensics an even more complicated task.

POLICING CYBERCRIME IN THE UK

In the context of UK policing, the National Association of Chief Police Officers (formerly ACPO) Core Investigative Doctrine provides a strategic framework and good practice guidelines for forensic investigation of e-crimes. Since 2011, the UK government has adopted a centralised approach as part of its National Cyber Security Program, with the National Cyber Crime Unit (NCCU), part of the UK National Crime Agency, the central focus for tackling cybercrime in partnership with government agencies such as GCHQ and the Home Office.

KUA MAKINI NA FARAGHA (PRIVATE SETTINGS) MTANDAONI

Ijumaa 26 – 06 – 2015 nilishiriki katika mjadala ulio jadili uchumi wa kidigitali katika kongamano lililo andaliwa na COSTECH ambapo kwa upande wangu niliangazia uhalifu mtandao unavyoweza kuleta athari kwenye uchumi wetu ukizingatia sasa miamala mingi ya kifedha imekua ikifanywa kwa msaada wa TEHAMA ( Simu, ATM , Mitandao).

Nilitolea ufafanuzi hali halisi kwa sasa na tuendako huku nikitolea mfano uchumi wa taifa lolote unavyoweza kuyumbishwa au kudondoshwa kabisa wa endapo wahalifu mtandao watahujumu TEHAMA zinazotumika kurahisisha shughuli za kibiashara zinazokuza uchumi wa taifa.

Aidha, Nilitolea ufafanuzi mambo muhimu yakuzingatia ili kujiweka salama kimtandao – Baada ya mjadala huo nilipokea maswali mengi yaliyolenga kutaka kufahamu zaidi kuhusiana na uhalifu mtandao pamoja na kutaka nitolee ufafanuzi zaidi angalizo muhimu zinazoweza kuboresha hali ya usalama mitandao.

Hapa Nitaangazia mambo kadhaa walau kwa uchache ya kuzingatia utumiapo mitandao situ wakati wa kufanya miamala ya kibiashara bali nitatolea na majibu ya maswali ya msingi niliyopata kuulizwa.

Mazingara ya Faragha (Private setting): Mara nyingi watumia mitandao wamekua hawana uelewa mzuri wa kwanini pakawa na private settings kwenye mitandao mingi hasa ya kijamii na yamasiliano pamoja na simu zetu za viganjani. Wengi wamekua wakiacha au kutoa ruhusa kwa yeyote kuona kila afanyacho mtandaoni na alipo kwa kutoweka sawa Private settings.

Teknolojia mpya (New technology): Ununuapo kifaa kipya chene teknolojia ya juu jitahidi kujua unahitajika kua makini zaidi kuhakiki unafunga wigo wa watu kuweza kukuingilia/ dukua kwani teknolojia mpya zina rahisisha maisha yetu pamoja na kuja na changamoto zaidi. Mfano: unapoamua kutumia TEHAMA katika vyombo vya usafiri au kuongoza vifaa vya nyumba yako ujue unaongeza wingo wa kudukuliwa na athari ni kubwa zaidi tofauti na anaetumia TEHAMA kuwasiliana kwa simu na meseji pekee.

Jithibitishie kumjua unaezungumza nae kupitia Mitandao/simu: Uhalifu unaokua kwa kasi kubwa hivi sasa ni pamoja na spoofing – Aina ya uhalifu inayo mruhusu mhalifu kutumia namba au kifaa chako cha komputa kwa kutumia utambulisho wako. Maana Kuna tovuti na visaidizi kadhaa mitandaoni vinavyoruhusu mtu kubadilisha namba za watu na kufanya waweze kutumia utambulisho wa mlengwa wake pasi na muhusika kujua.

THE INSIDER THREATS ARE GROWING

We now leave the most exciting period in human history, Life has been simplified with the existing technology – Our life today depends on information technology, from our communication and transports, finance and banking, energy and education, and other services in our daily life.

 As we become more reliant on information technology which off course simplifies our life, we also put ourselves vulnerable to cyber-attack which exposes our sensitive personnel and business information, disrupting critical operations and imposing high cost to individual, organisation and the country at large.

The number of mobile and internet subscribers in Tanzania has increased – more people have access to internet through their computers or their mobiles phones. This has increased the number of mobile subscriber to over 32 Million and rapidly growing number of subscribers for data service with more than 62 data operators in the country.

Privileged users, contractors, consultants and regular employees ere the next biggest threat to organizations – Privileged users, such as managers with access to sensitive information, pose the biggest insider threat to organizations. Insider threats have become more frequent in the last 12 months, but there is no much initiatives to address the problem.

This rise in insider attacks is mostly due to a combination of three factors: insufficient data protection strategies and solutions; the proliferation of sensitive data moving outside the firewall on mobile devices, and lack of employee training and awareness.

Most organizations have no appropriate controls to prevent insider attacks, and most believe insider attacks are far more difficult to detect and prevent than external attacks – insider attacks are difficult to detect and prevent primarily because insiders often already have access to systems and sensitive information.

UHALIFU MTANDAO KUELEKEA UCHAGUZI 2015

Nianze makala hii kwa kupongeza jitihada za dhati za serikali ya awamu ya Nne katika uwekezaji wake kwenye sekta ya TEHAMA Nchini. Ni wazi kabisa nchi yetu imepiga hatua kubwa katika maswala ya TEHAMA kulinganisha nan chi nyingi Afrika. Mifano michache ni pamoja na kuhama kutoka analogia kulekea Digitali, Mkonge wa taifa, Kupatikana kwa Khala Mtandao la taifa, kuaandikisha upigaji kura kimtandao na mengineyo mengi.

Aidha, Jitihada kama vile kupatikana kwa sharia mtandao, kupatikana kwa vitengo vinavyo shughulikia uhalifu mtandao,  wakala za serikali mtandao na mengineyo yamekua ni hatua ya kipekee iliyoweza kutoa matumaini kwa watanzania kutoka kwa serikali ya awamu hii ya Nne inayo ongozwa na Dk. Jakaya Kikwete.

Jitihada hizi njema naona bado kuna ya kufanyika zionyeshe matunda na zibaki salama kwa muda mrefu. Nimeyasema hayo kufuatia kauli yangu niliyoitoa, Nilipo sema serikali ina jukumu la kuwekeza zaidi katika maswala ya usalama mitandao ili kuweza kubakisha salama jiihada hizi za TEHAMA kwani isipo fanywa hivyo kuna hatari kubwa mbele yetu kimtandao iyakayo pelekea jitihada hizi kuingia dosari kubwa.

Hatari za kimtandao zitakazo pelekea kuathiri kwa kiasi kikubwa uchumi wetu, siasa zetu, tamaduni na jamii yetu kwa kwa ujumla wake. Napo zungumzia uchumi nipamoja na upotevu mkubwa wa fedha unaosababishwa na uhalifu mtandao ulio athiri taasisi za fedha na mawasiliano nchini. Kumekua na wimbi kubwa la wizi wa fedha kimtandao hii ni mjumuisho wa pesa kutoka mabenki pamoja na pesa zinazo potea kutokea kwenye miamala ya simu.

Moja ya changamoto iliyo sikika kwenye kikao nilichoshiriki kilicho husisha nchi ya  ujerumani na Tanzania ni pamoja na lalamiko kutoka kwa mshiriki kuelezea kua kupitia mtandao alipoteza pesa zake na kumekua na ugumu kuzipata pesa hizo. Nilitolea ufafanuzi hilo kwa kueleza kua tatizo ni kubwa na kama hakuna jitihada za dhati kudhibiti hili basi kuna hatari ya uchumi wetu kupitia uhalifu huu mtandao kuporomoka.

Aidha, Naomba nijikite zaidi kwenye Uchaguzi mkuu ujao Oktoba – Ni wazi kabisa kuanzi uandikishaji hadi taratibu nyingine za kuelekea uchaguzi mkuu umehamishiwa katika mtandao. BVR (Biometric Vote Registration) mfumo mtandao unaotumika kuandikisha wapiga kura ambao kwa ujumla wake ni mfumo wwa kimtandao.

Kuna hatari kubwa ya Mifumo hii kuathirika kimtandao na kusababisha kupatikana kwa taarifa zisizo sahihi endapo wahalifu mtandao wataweza kuingilia na kufanya marekebisho wa namna ya ufanyaji kazi wake. Hii inaambapatana na Matumizi mabaya ya mitandao kuelekea uchaguzi ambapo inaweza kusababisha kuyumbisha amani iliyoko Nchini. Nimelizungumza hili kwa kirefu sana kama inavyoweza kusomeka kwa ku "BOFYA HAPA"

THE COST OF CYBER-ATTACKS IN THE UK IS RISING DRAMATICALLY

According to the  “PWC REPORT”, the cost of a cyberattacks to businesses has more than doubled in the past year. This should be a wakeup call to other nations – The rise of cyber-attacks in recent years has proven the need to do more than what has been done. More collaboration beyond border is extremely needed and the required skill set on the fight is to be raised along with cybercrime awareness programs that will eventually add impact to the community.

The Department for Business, Innovation and Skills (BIS) commissioned the survey which has shown that not only has the cost doubled, but the number of security breaches has increased.

To make things even worse, 11 per cent of respondents changed the nature of their business as a result of their worst breach.

The average starting costs for a major security breach at large organizations rose to an average £1.46 million, up from £600,000 last year. Smaller firms were no less immune to the financial drain caused by a cyberattack. The minimum they could expect to pay last year for the most extreme breaches jumped to £310,000 from £115,000 in 2014.

The costs include covering business disruption, lost sales, recovery of assets, fines and compensation.

Speaking to The Telegraph as the report was launched, Ed Vaizey, UK Digital Economy Minister, said: "The UK’s digital economy is strong and growing, which is why British businesses remain an attractive target for cyberattack and the cost is rising dramatically. Businesses that take this threat seriously are not only protecting themselves and their customers’ data but securing a competitive advantage".

The survey also found that 90 percent of large organizations suffered a cyberattack over the year, a rise of nine percentage points. For small businesses the figure was 74 percent, up from 60 percent a year ago.

TANZANIA KUATHIRIKA ZAIDI NA UHALIFU MTANDAO.

Mazungumzo ya awali kabla ya mkutano wa wanausalama mitandao uliokamilika jijini Johannesburg nchini afrika kusini yanaweza kusomeka kwa "KUBOFYA HAPA"  Mkutano ambao uliokua na vuta nikuvute kupata suluhu ya changamoto tulizo nazo za kiusalama mtandao duniani kote zinazoendelea kukua kila kukicha huku ikionekana dhahiri kabisa wahalifu mtandao wanaelekea kuzidi nguvu huku Tanzania ikiorodheshwa kua ya sita kwa nchi zinazotegemewa kuathirika zaidi na uhalifu mtandao barani Afrika.

Akitolea ufafanuzi wa takwimu hizi Bwana Vernon Frye, Mkuu wa Usalama mitandao wa kampuni ya Vodacom ya Afrika kusini, alielezea kuhusiana na uhalifu mpya wa Ransomware ambapo tayari athari zake zimesha onekana Nchini huku aki ibua mjadala mzito wa wapi tume jikwaa.

Aidha Mjadala mrefu kutoka kwa aliyekua Mkurgenzi wa wakala wa usalama wa Marekani (National Security Agency – NSA) bwana William Binney pamoja na Raisi na muanzilishi wa kivinjari cha aina ya Tor kinachotumika sana na jumuia ya wana usalama mitandao waliibua changamoto ya ufaragha baina ya watumiaji wa mitandao na namna ya kuendelea kuhakiki kunapatikana uthibiti wa faragha hizi kutotumika vibaya na wahalifu.