Digital Security: a great challenge in building Republic of south Sudan. By John Naru Dear Editor could you publish this article to sharpen our destiny for Digital risk in south Sudan. The Ministry of Telecommunication and Postal service Republic of south Sudan celebrated telecommunication and information day in May 2014, it is my pleasure to give the knowledge I got from training held recently in Nairobi to Journalists from four African countries namely Kenya, south Sudan, Ethiopia and Somalia on safety and protection of Journalists. Thanks to Union of Journalists of south Sudan (UJOSS) and Association of Media development in south Sudan (AMDISS) for facilitating this training to four of us from south Sudan to joint our colleagues in the other three countries, a training that ran for one week, a Journalist from Al Masier Newspaper, City FM Juba, a south Sudan freelance Journalist and Myself from State Ministry of Information Central Equatoria State. We managed to attend the training session and acquired this useful Knowledge on digital surveillance, planning and Risk management, including other subjects dealing with Journalism conducted by IREX organization training Journalists and Civil Societies on technology, human rights and democracy in the world. I choose to talk mainly on digital surveillance directly affecting us while on duties. As I have mentioned, Digital security: a great challenge in building Republic of south Sudan now and in future, it is an important perspective that the Republic of south Sudan ought to sheer up efforts, all of us in different fields both in the Government and the Private sectors including the humanitarian agencies working in south Sudan. The reason is simply world is migrating from analogue to digital system, however since popular activities like checking electronic mails, health and medications, sports, checking weather of your region for the day, reading news, entertainment, buying products from companies on line, booking for travel, accessing Google earth to see residential areas in your country, or locating direction of your office building and house ,watching buildings and roads of your country on Google earth, accessing information from office of President and the line Ministries, UN agencies in Juba. Since all these will be on internet then we need measures to deal with social engineering, our ICT graduates should update the nation with new discoveries on Information & Communication Technology (ICT) field or conducting Print and Broadcasting awareness on new development in ICT immediately, especially discovery of new Malware or virus. If you are a computer literate it does not mean you’re safe. Nonetheless, someone elsewhere through social engineering can defeat you by penetrating in to your computer and grab your information. Firstly what is social engineering itself? So that we do not confuse it with Information and communication Technology’s engineering. Social engineering by definition is the psychological manipulation of people into performing action or divulging confidential information, while social engineer(s) is a person or people who deceive or con others in divulging information to create hatred among societies, individuals or institutions. Such person or people can use phishing, hacking on line or surfing and it will lead to exploitation of relationship with your institutions, agencies, families. This happened in United States of America, some of you might came across stories of how classified documents of United States Government was exposed including Military documents by Wikileaks, not only that social engineers name them, went as far as exposing personal secrets of world leaders, business people, agencies, families. It is a digital threat; it can be through interception while communicating by Mobile device or e-mails. Some of these attackers went as far as creating complicated malwares and virus that uncovers information from computers of people; institutional computers while such computers were connected on internet so always update your anti-virus to kill malwares. Hackers can use ways like phishing, surfing online. Nevertheless, wifi is a device whereby if you log anyhow all your internet traffic will be seen by a hacker or their detection centre. How do they do it on wifi? Since most computers in the offices, homes are connected to internet through device like wifi, such crime organized people will penetrate into confidential computers if such computers are connected online through creating wifi fake line, assuming he or she is a visitor asking to access internet through your office’s wireless link. You give him or her a wifi password, the second step for him or her to create a fake line within your wifi link so it allow him or her now to detect information on computers online connected to that particular office, home or a hotel through his or her fake created line. How can you identify a fake wifi line? If you double click at your computer lower bar of internet connection icon, it open, then see your usual office, home or hotel line, the network system in your real line always increases and decreases but fake lines appeared and disappeared this imply that someone or people working online within your wifi are watching or doing something among you, it is difficult to notice it, all lines both active and fake appeared in row within your Computer internet network either of the office, hotel or home, so if you don’t like to access internet while at home, office or hotel please disconnect the internet from your computer. Hotels are unsafe places where wifi detection process can occur to your computer, it is where all visitors to the hotel access internet freely and a new customer of a hotel can be issued with a wifi password of that hotel, a Spy following you in a hotel can used this method to gather your information. Some softwares online may request you to download and this can lead to identification of your files or confidential documents. Such Kind of dangerous softwares can be place online like when you connect your computer on internet while it does not have specialized softwares to block or reduce these malicious acts. Before I elaborate further on this topic, let me give some accounts of wikileaks exposure. Historically, in February 2012 wikileaks began publishing the global intelligence files, over five millions e-mails from the texas headquarters- “Global Intelligence Company”. The e-mails dated between 2004 and late December 2011. Wikileaks also in July 2012 began publishing the Syria files; it exposed more than two million electronic-mails from the Syrian political figures, Ministries and associated companies dating from August 2006 to March 2012. It was collected from 680 syria-related entities or domain names, including those of the Ministry of presidential Affairs, Foreign Affairs, Ministry of transport, Finance, Culture and Information. The exposed e-mails unearth the inner working of Syrian government and its economy; it also reveals how the west and western companies in Syria say one thing and do another on the other side. It also released Peruvian politicians and officials’ involvement in the petrogate scandal, an audio recording of perupetro Vice president Alberto Quimper and Romulo León Alegria a prominent member of Garcia’s ruling party, discussing under-the-table payments conditioned on discover petroleum obtaining oil exploration concessions. According to the recording, Quimper, León and Ernesto Arias-Schreiber the legal representative of discover in Peru were to receive $10,000 monthly in exchange for steering lucrative oil contracts to the Norwegian oil exploration firm. The uncovered Scandal forced the government to suspend five joint exploration and development contracts awarded to discover petroleum and state-owned oil company petroperu. The Minister of Energy and Mines, Juan Valdivia immediately handed in his resignation and only days later the whole cabinet and cabinet chief Jorge del Castillo resigned. Further, Wikileaks in 2012 reports it begun releasing the Detainees policies of US, more than 100 classified or otherwise restricted files from United States Department of Defense covering the rules and procedures for detainees in US Military custody. The documents include the standard operating procedures (SOPs) of detention camps in Iraq and Cuba, interrogation manuals and fragmentary orders (FRAGOs) of changes to detainees’ policies and procedures. A number of policies related to camp Bucca in Iraq and also Department of Defense-wide policies and documents relating to Abu Ghraib, Guantanamo Bay and European- U.S. Army Prison facilities. Before 2012 the wikileaks revealed that the cases of the majority of the prisoners held at Guantanamo-758 out of 779 in total- are describe in detail in memoranda from JTF-GTMO, the joint task force at Guantanamo Bay to US southern command in Miami, Florida. The Memoranda recommends if the prisoners in questions should continue to be held or released (transferred to their home government or to other governments). In 2011 wikileaks posted in its website, it began publishing 251,287 leaked United States embassy cables, the largest set of confidential documents ever to be released into the public domain. The documents as they say will give people around the world an unprecedented insight into the US government’s foreign activities. Omdurman TV also uncover a telecom leak of Taban Deng Gai in live interview with some jalabas discussing in live studio, an intercepted unknown telecom audio of Deng as governor of Unity State advising SPLA command in border by then was played over the TV, SPLM by then suspected some operating telecom company in south before independent, the author have heard the leak audio on Omdurman TV in Juba abruptly while in office and told colleagues by then that the governor was intercepted. Mobile communication can be hack; advance technology can use computers to identify mobile coding messages. Some software nowadays can unlock your mobile password. So expensive mobile device like smart phones has a lot of problems, it is simple to expose individual documents; people prefer local phones as best option to avoid complications. Unless someone is advance in using smart phones your privacy will be protected by knowledge you have. Biometric key lock also protected smart phone users from information stealing. I hope we learned from these advance technological lessons, there was a say that someone with Advance knowledge can overpowered someone with less advance knowledge. Now let us get back to our normal theoretical prospect in this opinion. Software for blocking malicious acts is now online created by technological companies working for Justice, software like adblock Plus (ABP) is of recent it block and mitigate intrusive adverts that disturb much on your screen while your online. Another software to detect malware is call Spybot-search & destroy it was created to scan for software that poses a threat to the privacy of the user of a computer while spybot-search & destroy endeavors to detect known malware but not all malwares, it can run on windows XP, 2003 server, Vista, window 7 or window 8 only. Spybot has immunization procedure, it can immunize your entire files and folders, detect contaminated cookies or browsers. Spybot proxy-block cookies, domains, suspected phishing while statistic system- registers number of last scanned items. This is very amazing in spybot! This software I mentioned and more others can be downloaded through Google chrome only, other browsers like Opera, internet explorer etc cannot manage that. Google chrome recently lure a lot of internet users in using Google chrome to brows information online that protected them not to be victim of social engineering, please let us use Google chrome, the best option for us, individually are to keep our information either in external hard drives or other storage system, while we go online with an empty computer having no individual or institutional information at the current stage of south Sudan. Using HTTPS instead of HTTP while browsing information online or checking e-mail is best option, see a computer with Mozilla Firefox or Google Chrome browser having HTTPS, it is safe, your information while on line will not be indentify by third party. The HTTPS can also be downloaded from Google Chrome. In chrome, it appears in shape of green pad-lock on the browsing bar. Millions of users are now using Google Chrome; HTTPS also can be identified in Mozilla Firefox browser. I don’t know why our ICT staffs in south Sudan are not creating awareness to government and agencies in Juba on the new development since our nation at the moment depend on computers. You cannot do a work without computers if a business or official duties. Soon or later all our information will be exposed. I think Computers of personnel offices, financial departments in the Republic of South Sudan; office of the President, Banks and private sectors might be under surveillance if connected to internet, watch out prevention is better than cure. Some employees in south Sudan if eaten breakfast just sited in offices to access internet, some connect computers with office confidential to internet. What will be the Way forward? Should we disconnect computers with confidential information in our offices from internet? Can we have separate computers in our offices or computers room to access internet? Then the rest of computers contain confidential be disconnect for a while, until we are matured in technology. Sincerely let us disconnect computers with confidential in our offices from internet and let us create internet access room for those want to access internet in offices. This is simply because we are still far in technology, no awareness yet on anti-digital surveillance or specialized software to protect users of computers in south Sudan. Let us avoid wiki leaks fiasco in south Sudan by working hard to promote technology in our country. John Naru is a south Sudan Journalist can be reached at johnnaru2009@hotmail or mobile +211 920 527 691.
Posted on: Fri, 04 Jul 2014 19:29:17 +0000
Trending Topics
Recently Viewed Topics
© 2015