‘Zim fertile ground for hackers’

Source: ‘Zim fertile ground for hackers’ – NewsDay Zimbabwe November 21, 2017

ZIMBABWE is recognised by the global hacking community as a “low hanging fruit”, meaning that the country’s information technology systems are an easy target, leaving financial and business systems very vulnerable to attack, a new report has shown.


The Zimbabwe Information and Communication Technologies (ZICT)’s recent internet security threat report stated that Zimbabwe is recognised by the hacking community of the world as an easy target.

“In simple terms, this means that experienced hackers, student hackers, script kiddies, State-sponsored hackers, researchers in offensive security and even kids on the internet will definitely try to hack into servers and network devices on the internet that are within the Zimbabwean allocated address range,” said Robert Shoniwa, a ZICT member and chairperson of the information security and assurance department at the Harare Institute of Technology.

“But, we cannot also just assume that all the attacks will be from foreign threat actors. Considering the massive improvements in the primary and secondary school curriculum with respect to computer science and cyber security as well as the growth of e-commerce in Zimbabwe due to shortages of hard cash, we are to expect a number of cyber-attacks from local threat actors as well.”

Earlier this year, Zimbabwean banks and other institutions were included in the global WannaCry ransomware attack that hit 150 countries, although none came forward to confirm it.

The warning by ZICT comes as an American IT firm, Rapid7 LLC, has predicted in the company’s Threat Report 2017 for the third quarter that computer hackers will specifically leverage built-in Windows management tools to achieve lateral movement within networks.

The IT firm urged companies to strengthen their systems.

A number of companies in Zimbabwe are running outdated IT systems and Windows software.

“Given the trends established in Q2 [second quarter] and Q3 [third quarter] of this year, we expect attackers to continue to leverage built-in Windows management tools to achieve lateral movement within networks once a foothold is gained. One-off incursions on isolated systems will become increasingly rare, and responders will find themselves hunting down infected neighbours with greater frequency,” Rapid7 said.

“Attackers will tend to compromise service accounts — those accounts used by business processes with unusually high access privileges and weak credential management — when given half a chance. Those features make these accounts treasured prizes, but there are a few, basic steps you can follow to ensure they remain out of reach.”