Thursday, October 24, 2013

The major reason more and more Zimbabwean web sites get hacked

By Newson Mukono

AT school I figured out that if a question asks:
Show that blah blah = bluh bluh, the answer is Shown. In like manner I think the major reason why more and more Zimbabwean web sites get hacked is because they are so easy to hack! So maybe the right question to ask is "Why are many Zimbabwean websites so easy to hack?"

Just recently, the Zesa enterprises website got hacked. It has become a common trait for Zimbabwean web sites to get hacked like what happened not very long ago with the news, banks, government and other websites. One might ask why? Is it that they hate Zimbabwe? Well hackers hack sometimes for fun, to test their hacking skills or as means of campaigning against a certain group or organisation. Whatever the reason might be; why are so many Zimbabwean web sites so hackable?

One most concrete reason is the platforms or technologies which are used to build these websites. If you look closely at these commonly hacked web sites, they mostly were developed using open source technologies, such as Wordpress, Joomla and other open source blogging platforms. Whilst open source has the advantages of being “FREE” and having a large support base due to the multiplicity of users using them, Open Source is also prone to Open vulnerabilities and Open hacking.
Okay, maybe one does not understand what open source means. It simply means the source code of an application or platform is available to anyone, to see, analyse, find weaknesses and device means to attack it if they so desire.
Take Wordpress for example; because so many people use it because it’s a free platform and considered to be user friendly, so many people discover vulnerabilities and amongst these people are hackers. It’s like developing your website on a platform whose architecture is known by so many people, such an architecture is highly prone to attacks by the so called hackers.  Another limitation with open source platforms is that one can only secure their website as far as the platform tools and widgets permit. Open source web development using blogging tools is more of web assembling than web development.    Open Source guys don’t gnash your teeth on me! Only telling the truth!  I know you told your boss it works like magic!  I pray your boss will not read this! These IT guys! LOL!
So what’s the way out? Whilst open source platforms like word press are cheaper and quicker ways of building and maintaining a web site, they are highly prone to attacks.  If one finds a vulnerability of the wordpress platform, they  can randomly  attack any wordpress site and bring it down! An alternative is to find hard core developers  php, etc. Programmers can devise ways of implementing higher and better security options for your web site to minimise attacks since they have more control over the development process than when using open source platforms like wordpress to assemble a web site.
And I presume, as long as Zimbabwean companies continue to run their websites using these open source facilities, we will frequently hear of hacking cases. If your site is prone to a random attack; what more of a targeted attack! If the availability of your web site is not critical to your organisation, then you can afford those outages and being reported as hacked everywhere, but it can never be the case with say a news website.
 

No comments :

Post a Comment

We welcome your views and comments on this post