For months now, including during the hour that this post was being prepared, the Ministry of Defense’s website has been spreading malware, despite repeated warnings from outside researchers at Techunzipped.
Today, after receiving no reply and still detecting that the site was infected, Techunzipped published this blog post, apparently under the belief that when attempts to privately inform the ministry fail, it’s reasonable to go public.
The site is hosted by GISP, which has a record of not updating sites and uses an out-of-date CMS and very ugly templates.
Like so many drive-by attack campaigns, the one hitting the Ministry of Defense is vexingly easy for researchers to replicate. It targets only visitors using old browsers, and if they come to the site from Google, Bing, or another search engine, the site is flagged as infected.
The attack, however, is just the latest in Zimbabwe in what has become a global upsurge of hacktivism, on all sides of the issue. The Ministry of Defense has seen its share of cyber-rattling, so to speak.
Hacktivism is expected to remain a concern in Zimbabwe. Making one’s political propensities known is one thing; full-blown infrastructure compromise is another, and our defense forces are not ready for it. It is the growth of cyber-attacks that has nations and companies concerned about security.
Human error and lack of security awareness are the biggest sources of data breaches and risk to organizations, and in Zimbabwe we lack that awareness. The only suggestion I have for the ministry is to dump GISP and move to a more secure service provider.
Training should occur during the course of the year and include various modules on organizational information security policies. Consider a “many-channel” approach employing a mix of in-person and digitally delivered video training content to ensure staff are aware of how to handle and dispose of confidential information.