Small men can play, talk and sound big when they go online. They may have to ease back into their normal lives once authorities start to call their bluffs. The government is putting together what is by all accounts a cyber-prowling team with mandate to monitor the online space for cyber-attacks (hackers), personal attacks, child pornography and "Material that is offensive with regard to the law." Pause there: Mzalendo Kibunjia has been talking about holding people responsible for what they say online either on Facebook, Twitter and the like and the response has mainly been to scoff at him.
Well we can tell you that as we speak, a team is quietly being assembled and trained within the inner confines of the Communications Commission of Kenya headquarters on Waiyaki Way. The equipment and systems to carry out the monitoring is being shipped in and CCK is working with the International Telecommunications Union (ITU) to train the cyber-defenders and install the systems.
The official name of the team is the Computer Incident Response Team (CIRT) and it is expected to start work by December, well ahead of the coming general elections.
Besides monitoring irresponsible comments and hackers online it will also monitor electronic transactions.
Right now there are four guys deployed to form the core of the team but it will be expanded.
CCK Acting Director-General, Francis Wangusi, confirmed that the team is undergoing training and a budget for it has been set aside.
The team will coordinate with other national CIRTs so that even those people posting abroad can be brought to book.
Of course mischievous characters can evade this by using sites like hidemyass.com, or use of tors or encryption and even connecting through VPNs but from the sound of it, it seems as if the body will have NSA-type powers of surveillance and be able to carry out things like deep packet inspection and information extraction or force service providers to furnish it with user data.
CIRT will also sit at the apex of other CIRTs based within telecoms and banks as well as other industries where they will coordinate threat analysis and incidence response mechanisms.
It is not clear how this will sit with the protection of privacy online but clearly a debate is set to arise.
It is trivially easy to successfully hide who you are when you post stuff on-line or even when you do mischief (so-called "hacking") on-line - the latter is a little harder to do but still fairly easy. These kind of efforts are just as likely to violate the privacy of communications (against an explicit provision of our new constitution) and -- this being Kenya -- to enrich some people. I am deeply distrustful of them.
ReplyDelete