Cyber Attacks: After the hacking of IFMIS and other Government Websites… Is Huduma Namba data safe from Hackers?
The Integrated Financial Management and Information System (IFMIS) portal and other government-related websites have been hacked by an Indonesian hacker group, Kurd Electronic Team. The Ministry of ICT Cyber Security team was on Monday forced to take over the operations of multiple government websites after they were hacked.
The hacking by W4r10k – a Kurdish hacker group – denied access to various websites including that for the Integrated Financial Management Information System.
List of Hacked Government Websites and systems that may be compromised:
1. IFMIS system
2. National Youth Service (NYS)
3. Department of Petroleum
4. National Environment Trust Fund
5. Department of Planning
6. Meat Commission
7. Judicial Service Commission (JSC)
9. National Development Implementation Technical Committee’s (NDITC)
10. Refugees Affairs Secretariat at Immigration
11. Kenya Meat Commission (KMC)
12. Lake Basin Development Authority (LBDA)
The National Development Implementation Technical Committee’s (NDITC) online page has been defaced by the same hacker group (allegedly) that just intruded IFMIS website. This makes it the second government-related website to see attacks from online criminals who take advantage of security lapses to toy with sites.
Previously, hackers have targeted the Central Bank of Kenya and other websites. IFMIS has also been previously hacked. As the government encourages citizens to avail more data which will be interconnected systems, Kenyans have complained improper security of personal data.
For context: the National Development Implementation Technical Committee was created alongside the National Development Implementation and Communication Cabinet Committer, 8 Regional Development Implementation Coordination Committees, as well as 47 County Development Implementation Coordination Committees.
These groups have one primary goal: deliver and oversee the implementations of the National Government Development Programmes and Projects in Kenya.
Unlike IFMIS website which has seen been relegated to maintenance before service restoration, the current culprit is still displaying the works of a hacker group calling itself Kurd Electronics Team. This is an embarrassing scenario, to say the least, and will land the team behind the development of the sites in trouble.
IFMIS was conceived back in 2014 to allow tender applicants and suppliers who want to do business with the government submit their applications without making a physical appearance at government offices.
According to the Kurd Electronic Team site, their activities include and are not limited to homepage defacement, mass defacement and IP Address locations.
In 2017, the Communications Authority of Kenya (CA) website was hacked. CA is the State agency that regulates Internet resources for public and private entities.
CA’s website was hacked by a group calling itself AnonPlus that replaced the regulator’s homepage with a five-point hackers’ manifesto promising to ‘defend freedom of information, freedom of the people and emancipation of the latter from the oppression of media and those who govern us’.
The hackers also took down the National Environment Management Authority (Nema) website for several hours casting doubt on preparedness of Kenyan State agencies to fight cyber crime.
In 2014, the Kenya ICT Authority embarked on an overhaul of government websites to host them under one server in a bid to boost security in the wake of massive cyber-attacks that had seen even Deputy President William Ruto fall victim.
In the past, and this is entirely theoretical, developers have been known to deface websites they created to protest late or non-payment. While we do not have the details of this hack, it is apparent there is more to it besides showcasing the websites’ vulnerabilities.
Is Huduma Namba data safe from Cyber Security Attacks and Hacking?