Zim police join the cyber warfare

advertisement

The Computer society of Zimbabwe has taken lead in finding solutions to our cyber crime ravaged society but this time, they have asked the Criminal Investigation Department (C.I.D) Serious Fraud`s input to find lasting solutions to this new phenomenon.

The Zimbabwean criminal codification act does not, at any point mention computer aided crimes or cyber criminology directly as a crime but this does not mean that cyber criminology is exempted. Detective Assistant Inspector Tom Muleya and Superintendent Moyo Ndabazihle took turns on stage to explain how miscellaneous cyber activity can still be criminalized using our ancient Dutch law at an event held at Jameson Hotel.

While today there is so much online activity masked in anonymity and plasticity, tracing online criminals can be impossible or arduous. Cyber criminals are mastering new ways to stay undetected in this volatile industry and for our police force to be tasked with such responsibility, it’s really taking them for an acidic test. Computer criminals are the new wave of threat which without proper tools are impossible to trace let alone dictate.

Hampered by lack of resources and proper expertise to counteract activities, Superintendent  Muleya bemoaned such predicaments and vowed the force will still soldier on to withstand In such circumstances.

He highlighted how borderlessness and lack of public outcry  and has made it easy for the criminals while difficult for the force to trace. Issues of jurisdiction will always come as a crime committed in Zimbabwe may not be a crime in Switzerland. Extradition complexities may also inhibit the prosecution of such offenders.

What was so disheartening  was learning “the dream of an  African man`s” story from the  Superintendent. He took time to articulate how they, as police force keep dreaming that one day they will be able to complete the construction the Zimbabwean crime Laboratory ,as an international standard prerequisite. International Police (InterPol) demands that all member states should have such infrastructures but unfortunately for Zimbabwe, our government will still have other pressing prioritizes to consider.

According to Superintendent Muleya  the total budget needed is a mere  $180 000, and they are only waiting on hope to see this dream come true. The corporate world should find sense to partner and fund such projects which will help our forces in delivering standard services. It will not only be retrogressive but irresponsible for all players to sit back while such projects crumble.

Although we officially do not have cyber criminology statues, Superintended easily explained how they is no new criminology under the sun. For computer hackers they could be charged for unlawfully tampering or altering someone `s data using a computer. For the common DDOS attacks, you can be charged by depriving or infringing services to others via use of a computer. The same of sending viruses is malicious damage to someone’s property via computer so even still the old system is still being used in modern day criminology.

Currently a new wave of cyber criminology has  hit the Zimbabwean car importers industry where prospective buyers are hoodwinked into buying cheap online cars via local print and online adverts  and upon transferring the funds into these international scammers, the unsuspecting Zimbabweans will get their hard earned currency swindled.

Above all these challenges Detective Assistant Inspector Tom Muleya, boasted of a team of Officers who have undergone some studies in Cyber crime and fraud management to thwart these computer assisted and focused crimes.

advertisement
  • JamesM

    While it is a given in other societies that the national police force has the role and mandate to police all manner of criminal activities including those in cyberspace, unfortunately our beloved ZRP threw away the culture of policing in favour of brazen bribery and extortion long ago. Ask any motorist. And this is the police force you want to have a presence or keeping an eye on our activities in cyberspace? Hello! Just as well the ZRP doesn’t have resources to do this then one hopes they can concetrate on basic and honest policing before they are competent enough to make the leap into cyberspace.

  • http://www.karigon.net Raymond Swart

    Full presentation has been uploaded to the article on CSZ website http://t.co/Cebax4qp

  • tinm@n

    Important thing is that they have taken cognizance of the threat posed by cyber lawlessness.

    Whilst extortion and corruption is an issue that plagues ALL societies AT ALL sectors, it is mixing issues to then paint the effort black due to other issues they are struggling with. It is a step in the right direction to have them conducting dialogue with IT professionals…the technical experts on such matters.

    We cannot have them sit and ignore a real and existing threat that has had prolific organisations like ZSE targetted.

  • http://destinationkilotango.wordpress.com/ kthaker

    seriously dude? the only site i can think of that has actually been targeted was zimtreasury.org. the other hacks are just exploits in website code that people took advantage of. they were not intentional hacks at all…..

    when it comes to real targeting, you can look at examples like NASA, PSN, and the other high profile takedowns that happened overseas last year. THOSE were targeted hacks… now if someone can hack NASA multiple times and not get caught, do you really think Zim would stand a chance? 

  • http://www.techzim.co.zw L.S.M. Kabweza

    thanks a mil @RaymondSwart:disqus 

  • Lon

    The police need to know that hapana nguva yekusweroita majokes, this space is for real goons and not the naive chaps  who are doing lip service. To defend a nation in the cyberspace requires  resources and talented  manpower, and our police chaps got none. You can’t tract down the H^ck3r5 if you don’t think like them……remeber the attackers out ther are becoming more advanced, persistent and tactical such that bigger economies  are struggling to catch them look at the examples given by @Kthacker, they show how these guys mean business. Zim need to build a hybrid CERT and equip the CERT members accordingly ese musatipedzere nguva.

  • Bhinikwa

    You people are clueless about countering cyber crime. aLL YOU NEED IS TO CATCH one criminal & recruit him. You never incarcerate a highly skilled IT guru, you “employ” to teach cops & recruit more like minded criminals. Thats how its done even in western world. Cops will never have the best skilled in  IT but they can be effective.

  • tinm@n

    you’re failing to get the premise of my argument. disaster preparedness and awareness is critical. it is a positive step in the  right direction for people to be talking about such things with the active participation of the law enforcers.

    you never approach security with that kind of thinking. am talking professionally.

    if you must know, we have our own fare share of incidents that go unreported outsids the bounds of either the victim institution or third parties by agreement. financial institutions would never report a breach. i was privy to one. in fact, trend (world over)is most victims of breaches keep quiet for dozens of reasons, some of which have to do with protecting reputation others relating to damage assessments. PSN only disclosed the extent of their compromise after they discovered that user credit card info couldve been stolen. They were quiet for a bit. Otherwise, most go unreported. Especially the real black hat and malicious hacker.

  • Lon

    Here are some the attacks that recently made headlines and mapurise emu Zim, where do they stand in the cyberwar….let’s be serious guys remember mu cyber space hamuna chioko muhomwe it’s a game of mastery and he who got the best tricks win:
     
    • Sony – Partial loss of $343,750,000 for 1 month of lost services alone. There are currently 55 Lawsuits so far in the U.S. as well as the damage to reputation and brand. (Peckham,2011)
    • RSA – According to a report in The Washington Post, the cost of the RSA hackwhich compromised the security of RSA’s SecurID products was $66 million.(Tsukayama,2011)
    IMF – The New York Times recently reported “highly confidential information about the fiscal condition of many nations” contain “political dynamite” that could affect global markets…”(Paul,2011)
    • Epsilon – “…Epsilon hack may be the largest name and email address breach inthe history of the Internet.” (Storm, 2011)
    • Citigroup – “Citigroup has been forced to reveal that a recent hack of its networkexposed the financial data of more than 360,000 customers” (Zetter,2011)
    • ManTech – “…the members (Anonymous) posted a 390 MB download that appeared to contain reports related to NATO, the US Army and personnel files.” (Lennon, 2011)
    • U.S. Military’s Predator Drones – the response to the persistent key logger on the armed drones was “We keep wiping it off, and it keeps coming back,” a source told the technology magazine. “We think it’s benign. But we just don’t know.” (The Australian, 2011)
    • Booz, Allen & Hamilton – “Anonymous hackers boasted of stealing passwords linked to some 90,000 military users, although The Associated Press counted only about 67,000 unique email addresses, of which about 53,000 carried “.mil” domains.”(Associated
    Press, 2011)

  • Lon

    to extend on my earlier comment, I am a proud Zimba but  i don’t want to tolerate bluff from the guys who are busy lip talking and boot liking about cyber warfare and exploiting the crowds with wrong infor. Im grateful we got such initiatives but .1stly  do these guys know and understand their  purpose and rational.  look at what some guys are doing imagine putting down over US$30 billion only for cyber security. Does Zim have such capacity (I know the economies of scale play a role here)  but do we have enough $$$$ to invest even 1Mil zvayo,,,,,,by the looks of the current  things  we don’t..This is also a collabolative effort,  who will these guys work with , they need to work nemafesi akita se FIRST, CERT, etc.
     Refer to the excerpt below:

    Significant investment demonstrates this is a very real problem
    Countries in the Middle East have made cyber defence their priority, and are investing in it heavily. According to Frost & Sullivan; Saudi Arabia alone will have spent over US$ 33 billion on cyber security between 2007 and 2018. Oman, Qatar and the UAE have equally ambitious plans for the future, and these have been strengthened further by recent high profile attacks on Sony, IMF, FBI and the Syrian Ministry of Defence. In addition, the Internet Security Report 2011 – published by online security firm Norton – confirmed 72 per cent of UAE adults have fallen victim to cyber-crime in the past year.The biggest names in the industry are collaboratingSpeakers at the Cyber Defence Summit include Eugene Kaspersky, the founder and CEO of Kaspersky Labs; Suleyman Anil, Head of Cyber Defence at NATO; Jim Nelms, Chief Information Security Officer of World Bank; Shawn Henry, Executive Assistant Director, FBI; and Guy Megeur, General Manager (Middle East) at Cassidian Cyber Security. International experts are gathering because security is an international problem and cannot be solved by just one region or country on its own.“Unfortunately there is no doubt that the next major attack will be focused on national interests and on multiple countries. Where? When? How? Nobody knows. It’s the unpredictability that causes vulnerabilities to arise everywhere. The entire world, including the Middle East region, is unprepared; hence the timing of the Cyber Defence Summit is perfect. It will allow all stakeholders to come together and share their experiences and solutions and build a fool proof plan for the region,” said Guy Meguer.The summit is the biggest initiative in the Middle East focusing on protecting the region’s critical national infrastructure. It is endorsed by ITU-IMPACT, the largest cyber security alliance of its kind with 137 member nations, and is officially hosted by Oman National CERT and Information Technology Authority Oman.

  • tinm@n

     I dont think Cyber warfare is the term you were looking for.

  • Cyber chii?

    Your headline is very misleading. The police are not involved in any warfare of a “cyber” nature, and they do not have the powers to do so.

    Secondly, everything you talk about is not CYBERWARFARE, when you talk of cyber warfare, it basically means war over the internet.

    What you are talking about is cyber crime.

    And I can assure you the police know nothing about cyber crime. Personally, i suggest anyone with a online business to use servers in countries like the US and the Uk which have experts who really know what internet crimes are and who can make follow ups.

  • Cyber chii?

    (laugh laugh laugh)  you speak of zimtreasury…. (more laughs)

    Nasa etc you talk about, well, you know about it because at those organisations there are people who know if there has been an intrusion. Zimteasury, well, you know because you could see the evidence of what happened. most of the time the hacker will get in, steall all the data he needs or just check out what’s there and leave. in Zimbabwe’s case, unless someome says he did so, it will never be known.

    I would be impresed to death if it turned out that the police forces have highly skilled expert programmers and IT gurus who can tell when there has been an intrusion, they dont!

    As far as i am concerned, Zimbabwe, whether police or whatever law enforcement branch, has no capacity to investigate cyber crime except for stuff like 419. real cybercrime like intrusion into banking systems etc, if they say they have experts i am sure they mean they have links to the South African Police Service and Interpol, and not that they can do it themselves.

    Most policemen cannot even use MSWord, and all write dockets on plain bond paper.

  • tinm@n

     I agree with everything you said, except your last paragraph particularly on moving your servers to a different geo location. Lots of parameters to consider there.

  • me

      don be so sure..haikona kutarisira vanhu ava pasi… especially given the fact that most of these things are there for free on the internet .. chinovatadzisa kungodzidza vega chii ? And also remember there are youngsters being recruited in the Police force…  and  @6f4d3b843f7c6acfc6fd49fb94971598:disqus  said it ryt … bata 1 and recruit him .. they did it in UK n US  na Sabu if u knoe him… 
    http://online.wsj.com/article/SB10001424052970204603004577269844134620160.html 

  • Cyber chii?

    You mean “green bombers” are being taught to use computers as well as networking, server management, and programming? I write from and i assure you most (99,99%) of policemen do not know what an IP address is.