KCSFA YouTube

Posts Slider

CyberSecurity

  • Facebook accuses blocked top Uganda officials of engaging in ‘inauthentic behavior’

    Facebook has shut a slew of accounts belonging to Ugandan government officials accused of seeking to manipulate public debate ahead of elections Thursday, the internet giant told AFP on Monday.

    The East African nation is holding presidential and parliamentary elections after a tense and bloody campaign, with President Yoweri Museveni, 76, facing a stiff challenge from the popstar-turned-politician Bobi Wine, 38.

    “This month, we removed a network of accounts and pages in Uganda that engaged in CIB (Coordinated Inauthentic Behaviour) to target public debate ahead of the election,” Facebook’s head of communication for sub-Saharan Africa, Kezia Anim-Addo, said in an email.

    “They used fake and duplicate accounts to manage pages, comment on other people’s content, impersonate users, re-share posts in groups to make them appear more popular that they were.”

    Anim-Addo said the network was linked to the ministry of information and communications technology.

    “Given the impending election in Uganda, we moved quickly to investigate and take down this network.”

    Social media giants have come under increasing scrutiny over the content they allow to spread on their networks.

    Twitter, Instagram and Facebook blocked US President Donald Trump over incitement to violence after his supporters stormed the US Capitol last Wednesday, a move his backers see as an assault on free speech.

    Museveni’s senior press secretary Don Wanyama, who saw both his Facebook and Instagram account shut down, accused the company of seeking to influence the election.

    “Shame on the foreign forces that think they can aid and plant a puppet leadership on Uganda by disabling online accounts of (ruling party) NRM supporters,” he said on Twitter.

    “You wont take away President Kaguta Museveni” he added, using the president’s second name.

    Museveni’s online account is still active but many government officials and members of the ruling party have seen their pages taken down, including a well known blogger and Museveni supporter, a prominent doctor and a senior official in the information ministry.

    The president has long accused foreign organisations and elements of backing Wine in a bid to remove his government.

    Misleading behaviour
    The term Coordinated Inauthentic Behaviour was invented by Facebook, which describes it as when “groups of pages or people work together to mislead others about who they are or what they are doing”.

    The tech giant explains on its website that this is often linked to deceptive behaviour rather than content.

    Anim-Addo said over 100 such networks seeking to manipulate public debate have been removed worldwide since 2017.

    In December, networks managed from Russia and France — one linked to the French army — were deleted over accusations of interference operations in Africa.

    And in October Facebook shut down the page of a conspiracy-fuelled political party in New Zealand accused of spreading disinformation about the coronavirus ahead of elections there.

    In the wake of last week’s protests in Washington, tech giants Amazon, Apple and Google have all cut ties with Parler, a social media platform popular with some conservatives, likely to leave it without a hosting partner.

    Source: https://www.monitor.co.ug/uganda/news/national/facebook-accuses-blocked-top-uganda-officials-of-engaging-in-inauthentic-behaviour–3253498

Cyber Investigation

  • Email Security (Legal and Security Aspects in Kenya)

    In a collaborative webinar hosted by Kenya Cyber Security & Forensics Association (KCSFA) & Kenya Magistrates & Judges Association (KMJA) on the 28th of May 2020 the legal & technical aspects of Email Security was ably addressed by Hon Justice Fred Ochieng & Mr Silvanus Sewe. The session was moderated by KMJA President Hon Justice Jacqueline Kamau & KCSFA Chairperson Mr Keniz Agira. You can view the recorded session here.

    What legal statutes guide the presentation of emails as digital evidence?

    Emails fall under the larger group of documentary evidence referred to as Digital evidence. The various principles that determine the admissibility of this type of evidence are laid out in various sections & sub-sections of the Evidence Act, namely S78A & S106B of the act.

    Section 78A goes on to set out that Electronic Evidence shall be admissible before a court of law & it need not be in it’s original form. In addition to this, it sets out that in addition to being admissible, the weight attached to that evidence shall be dependent upon certain factors i.e.

    (a)the reliability of the manner in which the electronic and digital evidence was generated, stored or communicated;
    (b)the reliability of the manner in which the integrity of the electronic and digital evidence was maintained;
    (c)the manner in which the originator of the electronic and digital evidence was identified; and
    (d)any other relevant factor.

    Further, it states that this electronic evidence is admissible during any civil, criminal, administrative or disciplinary proceedings.

    Section 106B then proceeds to state the conditions for admissibility of electronic evidence i.e.

    1. Doesn’t have to be in its original form.

    2. The electronic evidence was produced by the computer which during the period of the alleged incident was known to store that particular kind of evidence by someone who had lawful control over that particular device(computer)

    3. That the computer during that period of interest was working properly & if not working properly, that it’s ‘deficiency’ did not affect the particular electronic evidence of interest

    In addition to this S106B(4) prescribes that a certificate shall be provided which contains:

    (a)identifying the electronic record containing the statement and describing the manner in which it was produced;
    (b)giving such particulars of any device involved in the production of that electronic record as may be appropriate for the purpose of showing that the electronic record was produced by a computer;
    (c)dealing with any matters to which conditions mentioned in subsection (2) relate; and
    (d)purporting to be signed by a person occupying a responsible position in relation to the operation of the relevant device or the management of the relevant activities (whichever is appropriate)

    Emails(Legal-Technical Aspect)

    These can be classified into two: Internal emails & Internet emails. Internal emails are organization-specific i.e. 123@judiciary.go.ke while internet emails are available to general pubic use i.e. 123@gmail.com etc.

    As far as the presentation of emails as electronic evidence is concerned, they have to adhere to the dictates of the aforementioned sections of the Evidence Act. In particular, the presentation of a certificate which requires the signature of someone who was occupying a responsible position in relation to the operation of the relevant device.

    In the case of Internal Emails , the IT officer in that organization responsible for the maintenance of the mail servers or any duty that includes email management should be the person “…occupying a responsible position..”

    In the case of Internet emails, this could be the email service provider if the request to obtain email contents went through them. However in some cases, internet email data is stored locally on disk & there is no need to contact the email provider. The individual in this case who handles the extraction of this data & analyzes it will be considered the person “…occupying a responsible position..”

    In addition to the signature of the individual “…occupying a responsible position..” , the other aspects of the certificate must be included as well as set out in S160B(4).

KCSFA Instagram Account