You are on page 1of 11

IBM Security Systems

IBM Security

Information Systems Security - Implications for Government

Alex Kioni MSc, CISSP, CISM, CEH, ITILv3 Security Systems Lead Technical Consultant Central, East & West Africa Region

IBM Security Systems

2013 IBM Corporation

2013 IBM Corporation

IBM Security Systems

Local Trends

Data from the Banking Fraud Investigations Department (BFID) indicate that financial institutions reported Sh1.5 billion (~ $17.6million) was stolen from customers accounts in the year to April (2013). Businesses in Kenya are experiencing numerous cases of insider threat including data leakage and insider fraud. Poorly designed and insecure web applications expose Government and local financial institutions to possible compromise and defacement by cyber criminals. Automated attacks targeting Government & organizations in Kenya are going undetected due to poor detection and prevention methods.
2 IBM Security Systems 2013 IBM Corporation

IBM Security Systems

Cyber criminals are selling stolen credit cards issued by Kenyan banks online for $10 US dollars. Kenya has a higher percentage of malware infected PCs compared to global averages. Kenyan ISPs have poor IP reputation scores leading to email and web traffic getting blocked. There is evidence of botnet activity originating from Kenya presenting the greatest threat to critical infrastructure and corporate networks.

IBM Security Systems

2013 IBM Corporation

IBM Security Systems

IBM Security Systems

2013 IBM Corporation

IBM Security Systems

Accused of stealing $3,791,329.05 (Sh328, 644,155.17) on July 8 at the Standard Chartered Bank head office.

IBM Security Systems

2013 IBM Corporation

IBM Security Systems

Cyber criminals are selling stolen credit cards issued by Kenyan banks online for $10 US dollars.

IBM Security Systems

2013 IBM Corporation

IBM Security Systems

Businesses in Kenya are experiencing cases of insider threat including data leakage and insider fraud

IBM Security Systems

2013 IBM Corporation

IBM Security Systems

The "Unlimited Operation"


$45 million Amount stolen in 10 hours in ATMwithdrawal sprees on Feb. 19-20, 2013 Hundreds of people involved in 27 countries without using a gun or bomb threat, or even setting foot inside a bank lobby. 40,500 Total ATM withdrawals

27 Countries where ATMs were raided in the operations, including Kenya

IBM Security Systems

2013 IBM Corporation

IBM Security Systems

10

IBM Security Systems

2013 IBM Corporation

IBM Security Systems

Government

The explosion of digital information and integrated infrastructure makes the Government and its agencies ripe for technology security breaches.

The chances of breaches in Government are, in fact, even greater and more varied than they are in private business and industry.
Not only does the federal government provide repositories for civil, state and defense secrets but we are in the process of integrating sensitive personal data such as citizen tax information, citizen registration, business registration, assets databases, and land registry. It also maintains vast technology infrastructures that run its operations and programs. Theft of government and citizen information or a cyber attack that compromises the ability to conduct government business can have serious and far-reaching consequences.
11 IBM Security Systems 2013 IBM Corporation

IBM Security Systems

ibm.com/security

12

IBM Security Systems

2013 IBM Corporation