As the country continues to delay the implementation of the Information and Communication Technology (ICT) Policy as well as gazetting the long overdue Cyber Bill, information gathered by 263Chat revealed that Zimbabwe is the most hack-able country in the world.
Such news is not shocking to local ICT experts considering the ignorance being prophesied by local businesses and the government itself when it comes to cyber security issues.
In 2017 alone, several local websites including the Zanu PF site, The Parliament of Zimbabwe, National University of Science and Technology, Harare Institute of Technology and may other local websites were taken over by online rogue elements demanding payment first before ceasing control of the domains.
Rapid 7 LLC, a US based ICT consulting firm recently ranked Zimbabwe as the first most hackable country out of the world’s 183 countries in its 2017 National Exposure Index. This is caused by complacency on the part of website builders and companies who leave their sites when building their network infrastructures.
The firm also stated that Zimbabwe is mainly vulnerable due to the continuous use of insecure public IPv4 addresses. Just in simple terms, an IP Address is a a special number assigned to network devices for them to be able to communicate within a certain network range or over the Internet.
The first version of IP Addresses called the IPv4 addressing scheme has been using an communication protocol called Telnet which highly vulnerable for penetration by hackers. However, more secure protocols like Secure-Shell (SSH) have been developed to counter the insecurities of Telnet but its so sad that many local firms continue to legacy protocols which are weakest points of penetration for hackers.
Zimbabwe has close to 89,000 pubic IPv4 addresses assigned to it by the Internet Corporation for Assigned Names & Numbers. Out of that number, Rapid 7 LLC reports that close to 4,000 communicate via Internet Protocol Port 23 which belongs to the Telnet communication function which is no longer secure at all.
In general, the Telnet protocol grants access to a command line interface of any Operating System running on a remote host. This include granting access to all network equipment and user devices operating in that network.
Telnet is a communication utility which rides on Windows operating systems which before Windows 7. In relation to Zimbabwe, most banks and organizations run their servers on lower OS than Win 7 such as Windows XP and lower versions of Linux.
Such poor adherence to global ICT trends left Zimbabwean banks and other organizations open to the WannaCry global virus attack which sends shocking waves across nations in 2017.
One of the major drawbacks to Zimbabwe’s poor progression in the ICT industry can be mainly attributed to the government’s poor response to global technological trends. Red tape is still stalling the implementation of the country’s first ever ICT Policy and Cyber Bill which have been a borne of contention since Nelson Chamisa’s era.