Author: Admin

How Cyber Attacks such as Ransomware could affect Electronic Voting.

The use of information and telecommunication technology in electoral processes is essential in promoting efficiency. Its effectiveness is however, compromised by its susceptibility to cyber-attacks such as ransomware. Electronic voting otherwise known as e-voting encompasses a variety of online platforms to aid the conveying of data to and from the electoral commission. E-voting opponents argue that the results of such elections are unsatisfactory since an electoral system that depends on software is exposed to election fraud.

The mere dependence of various voting systems on ICT tools predisposes them to cyber threats. Vulnerabilities in an electoral system can help unethical hackers manipulate data hence undermine voters’ confidence. The prominence of cyber attacks on elections has been a cause of concern after allegations were made that the US 2016 elections were manipulated in support of the existing President Donald Trump. The 2020 US elections are also at a risk of being influenced by foreign interventions if the electoral body does not mitigate the risk.

Ransomware attacks can cripple the election process by withholding the victim’s data until a ransom is paid, usually in bitcoin or any other cryptocurrency. It infects a storage device, be it a server or database, through unsecured links or malicious email attachments.

Hackers may also influence the election process in the following ways;

  • Prevent citizens from accessing polling stations
  • Alter information on voting processes, location and time
  • Spread inappropriate information to undermine voters’ trust in the voting system

In 2018, voters in Mexico received misleading information meant to invalidate votes. They were informed that they could vote on behalf of their deceased loved ones, that the security of the ballot had deteriorated and that the marking of the ballot papers had changed (Verificado 2018).

In a related incidence, domestic political actors in an attempt to suppress voter turnout sent automated text messages to voters in Canada informing them that the polling stations had changed (International IDEA 2019). It should therefore, be noted that the perpetrators of cyber attacks are not only foreigners but also individuals who have access to various election-information systems and servers. This implies that inside groups targeting a specific electoral process may manipulate the data for their personal needs.

How governments should mitigate cyber attacks during voting.

  • Frequent staff training and cyber health: ensuring that no member of staff performs critical duties alone and incorporating efficient background checks on employees with administrative clearances.
  • Securing open networks: encrypting classified information and air gapping/ minimizing the presence of extremely important technology on the internet.
  • Thorough inspection and auditing of suppliers: government’s internet service providers should be audited regularly to prevent coordinated cyber threats.
  • Monitoring social media platforms: governments should monitor online platforms including the dark web to notice information leaks and prevent organized attacks.
  • Interagency collaboration: governments should form partnerships with civil societies, candidates , cyber security firms and organizations in the private sector which are competent in cyber security before the occurrence of a cyber threat.

Ransomware misfit economy, the new challenge to Business Sustainability in Kenya and Africa.

The advancement of technology has influenced the world in many positive ways. It has simplified communication for individuals and relatives across the world; Social media has enabled people to be up to date with information. Mobile phones have enhanced connectivity among people. From the business angle, technology has opened up markets and enabled more collaboration and opportunities. Cloud storage and business optimization tools have made work easier and saved businesses a lot of money

On the flip side, technology has exposed businesses and individuals to Illegal vices such as cyberbullying, identity theft and other types of cybercrimes. It has become so bad that cybercrime is now one of the biggest threats facing businesses survival today. According to data from Beaming, and Internet solutions provider, UK companies alone faced 146,491 attempted attacks in the second quarter of 2019, up from 52,596 in 2018. Ransomware has however become one of the biggest misgivings of the reliance on technology and digital-based solutions. In 2017, over 19 companies in Kenya were affected by the WannaCry ransom attack according to the Communications Authority of Kenya (CAK). The attackers were demanding about $300 (Sh30,000) in ransom to unlock affected devices. The ransom was only payable through Bitcoin.

For starters, ransomware is a type of malicious software that encrypts a computer system or data and blocks its access from a victim. They are mostly spread through phishing emails or visiting an infected website. Victims are then demanded to pay a ransom within a stipulated time to be given back access. Since they have become very common today, many major companies in Kenya and the world over including government agencies have faced some sort of ransomware attack.

The end goal of all ransomware attacks is mostly monetary and the victim is contacted and given instructions of how to recover their documents after paying a certain amount of money through untraceable Cryptocurrencies such as Bitcoin to hide the criminal’s identity.

Here are some of the major ransomware attacks this year.

Some of the major ransomware attacks this year include;

  1. The Baltimore ransomware attack (2019)
  2. Texas ransomware attack (2019)
  3. Florida ransomware attack (2019)
  4. 49 US school districts and educational institutions.
  5. Norsk Hydro Company

One of the most notable attacks is the Norsk Hydro Company, a global aluminium producer where 45m pounds were paid to the hackers according to the BBC News.

In Kenya, most of the businesses are Small and Medium Entreprises (SMEs) who comprise over 80percent of all companies. Even though SMEs may be small, they contribute to over 45 percent of the Country’s GDP. They are also easy to target by cybercriminals because of their lack of preparedness and measures in tackling cybercrime. Very few have put into place any measures to prevent attacks or even understand what ransomware is all about. This is despite them storing very important data on the cloud such as client data and financial information.

Ransomware can be traced back to 1989 when the “Aids virus” was used to extort funds from recipients of the ransomware. Payments for that attack were made by mail to Panama, at which point a decryption key was also mailed back to the user. Attackers have grown creative over the years by requiring payments that are nearly impossible to trace. As some may use cryptocurrencies like bitcoin, others like Fusob ransomware that requires victims to pay using Apple iTunes gift cards instead of normal currencies.

Ransomware can lead to a damaged reputation, exposed confidential data and even collapse of businesses. The sad thing is that with the quest for the use of more cloud-based services and advancement of technology creates more opportunities for cybercriminals to try their luck. Ransomware kits of various types and services are also readily available in the dark web and people even without much IT knowledge can be able to purchase a tailor-made ransomware solution and send it out easily.

What we can now see is the rise of a new cryptocurrency economy like Bitcoin driven by the hackers who are continuously looking for opportunities to infect systems and make a killing while at it. This is therefore awake up call to organisations, whether small or big to take a deeper look at ransomware, identify it as a key challenge facing their sustainability and come up with sustainable ways of mitigating attacks.

What businesses need to do, to prevent ransomware attacks.

For businesses to protect themselves from ransomware and other types of cyber attacks, there is a need to back up all their computing devices, update software regularly and regularly update anti-virus software. These are the first steps towards creating a cyber-extortion free environment for businesses to thrive.

Additionally, workers and Internet users must also be aware not to click on links, emails and attachments from strangers as well as malicious websites.

Lastly, there should be the enactment of internal and external company policies that dictate how data and information are managed and stored to prevent attacks and in the case of one, how to mitigate the effects.

What you need to know about the data protection bill 2018 – Kenya

THE DATA PROTECTION BILL, 2018 Bill for AN ACT of Parliament to give effect to Article 31(c) and (d) of the Constitution; to promote the protection of personal data; to regulate the manner in which personal data may be processed; to provide persons with rights and remedies to protect their personal data; and to regulate the flow of personal information across the borders of the country; and for connected purposes.


The following principles shall guide the interpretation and application of this Act —

  1. Information shall be collected, processed, stored or dealt with in any other manner if it is necessary for or directly related to a lawful, explicitly defined purpose and shall not intrude on the privacy of the data subject
  2. Information shall be collected directly from and with the consent of the data subject;
  3. Where information relating to the data subject is held by a third party, the information may only be released to another person or put to a different use with the consent of the data subject;
  4. The data subject shall be informed of the purpose to which the information shall be put and the intended recipients of that information at the time of collection;
  5. Information shall not be kept for a longer period than is necessary for achieving the purpose for which it was collected;
  6. Information shall not be distributed in a manner that is incompatible with the purpose for which it was collected with the consent of the person and subject to any notification that would attract objection;
  7. Reasonable steps shall be taken to ensure that the information processed is accurate, up-to date and complete; Principles of data protection.
  8. Appropriate technical and organizational measures shall be taken to safeguard the data subject against the risk of loss, damage, destruction of or unauthorized access to personal information;
  9. Data subjects have a right of access to their personal information and a right to demand correction if such information is inaccurate.

Its effect and response on Public Sector i.e. DCI, DPP, Evidence in court etc.

The effect on law enforcement such the DCI if not granted explicit access to user data may mean that for the DCI to carry out investigations may need to consent the owner of the data so as not to infringe his/her right to privacy. However, on matters on National security the law makes it possible for the law enforcement to be granted access to personal data.

However, this being debatable may lead to more time in delivery of investigation results as a result of law battles barring the law enforcement from accessing personal data using court orders especially incases where there is no supportive evidence as to such to make it admissible for the investigation bodies to access the data. This may result to delayed justice or no justice at all.

Its Effect and response on Private Sector i.e. telecommunication companies, data recovery companies, computer forensics industry etc.

According to the Bill, companies will now have to inform users of any personal data they are collecting, the purpose for collecting that data and how long the same will be stored. The law also gives users the right to decline to have their data collected or processed as well as demand to have false data corrected or deleted upon demand.
A person found guilty of interfering with the personal data of others or infringes on their right to privacy will be liable, on conviction, to a fine not exceeding Sh500,000 or to imprisonment for a term not exceeding two years, or to both.
The Bill is, however, mum on penalties or fines subject to corporates found guilty of the same and leaves it to the complaints commission to decide the course of action.
This comes in the wake of a global push to create legislation that safeguard the data and privacy of users as digital technologies become more ubiquitous.

Its effect on data analysts and marketing companies on how they use data they mine from apps, websites etc.

Marketing and data analytics may be required to agree with the user for the two to explicitly access, manipulate and modify the data at will and store the data as per user revocation on the terms of agreements. However, as this industry infringe a lot of privacy on the user data, they make it possible by hiding their terms is long scrolls of which do not attract any need of the user attention. Majority of the users end up agreeing to the terms so as to access his/her information. Unfortunately, ignorance is no defense and the user cannot complain in a court of law of any damaged caused.

How it will affect cyber security.

The Data protection bill may have a positive impact on cybersecurity, as data handling will be safely regulated and does not expose the data to a bigger threat landscape. By minimizing the threat landscape may mean less data exfiltration on data infiltration resulting to a safer cyberspace. However, the confidentiality, Integrity and Availability of data will always be compromised as the Law may not fully cover the data protection implementation procedures, and the ever-growing skills and sophistication of the threat actors

Advantages of the bill

  1. Better data handling and protection by both public and private sector
  2. User right to data privacy ensured
  3. User consent on handling of his/her data ensured
  4. User control on what should happen to his data ensured.

Disadvantages of the bill.

  1. Additional cost to data analytics and market intelligence companies as they bring onboard the user
  2. Delayed justice in law enforcement where the user needs to agree for his/her data accessed

What is the difference between SHR and RAID?

Synology Hybrid RAID or SHR, has been around for a long time now, and however it has not had the huge effect that Synology NAS’ Btrfs file system has, it is as yet an expanding well-known decision for some with regards to ensuring their equipment and their information in a Hard Drive enclosure. The two NAS and DAS use RAID as a type of security from a HDD or SSD damage and the outcomes of data misfortune that can occur. It ought to consistently be featured that both conventional RAID and SHR are NOT types of Backing up and you ought to ALWAYS have an offsite or at any rate off-system mirroring set up making constant data images and duplicates of your critical data. Be that as it may, returning to the current subject, which strategy for redundancy would it be advisable for you to consider for your capacity cluster – RAID or SHR?

What is RAID?

Huge RAID storage for file data storage arrangements RAID, or Redundant Array of Independent Disks, was initially numerous years back as a method for joining heaps of littler discs together to make a lot bigger capacity volume, with redundancy as an auxiliary need. In any case, with the enormous scale development of Hard Drives these most recent 5 years and that’s just the beginning, with Terabytes of data getting to be accessible on single discs, the essential concern of RAID has moved towards data assurance.

It is not necessarily the case that pooling little drives does not still occur, yet with drives right now is possible to purchase an 8TB such at the Seagate Archive Drive, you can perceive any reason why the motivation behind RAID in file and cold storage is increasingly about data assurance.

How does Synology SHR work and how is parity data distributed?

SHR is far more automatic RAID choice and designed for the less technically minded to protect their data from hardware failure, without having to delve to deeply into complex matters like parity and striping. It is also significantly easier to set up and considerably more scalable than traditional RAID.

It is not supported on all Synology NAS server devices but I would recommend checking in advance that your chosen Synology NAS can utilize SHR here. But otherwise if your NAS can support it, SHR arrives with a host of benefits both in terms of deployment speed and in maximum available capacity.

SHR doesn’t arrive in multiple types like RAID, but in just two different versions. SHR and SHR-2. SHR gives you the ability protect your data from 1 lost hard drive and SHR-2 protects you from two. However, the key strengths in a Synology SHR RAID setup is:
You only need two disks to build an SHR array and after that you can add drives to the Synology Hybrid RAID at any time.

In an SHR Volume, you can mix and match Hard Drives and let the calculations of the SHR layer do the work. This isn’t just at the moment of installation, but anytime you like. So, if you have for example 4 x 2TB drives in an 8-Bay enclosure and at a later date add 4x 4TB drives, not only will you be able to add these larger drives of any BRAND or speed, but also get the much, much bigger total capacity made available to you.

With an SHR RAID, regardless of the mixing of the drives, in terms of redundancy vs Capacity, you will only lose 1x the largest drive. Whereas in a RAID 5 if you mixed drives, ALL of them will be viewed and RAID’ed as the smallest available drive and you still only have redundancy for a single drive. So, in practice:
Like traditional RAID, SHR will provide you with the ability to protect your data from the loss of a single HDD or SSD. However, with SHR-2 you will be protected from losing 2 HDD or SSD.
Slightly less speed than a traditional RAID. Less than 1% difference between SHR and RAID 5, for example.

SHR vs RAID – Which is better?

And so, down to business. Now you know what SHR and RAID are, what is now important is which should you choose. Both are excellent methods of redundancy and have their own benefits. But lets take a look below at their strength and weaknesses:

SHR Strengths

  1. Faster to setup
  2. Expandable
  3. Ability to mix drives
  4. Greater available capacity when mixing drives whilst still maintaining 1 disk of redundancy
  5. If a drive fails, the Synology can still access the full volume data – though will operate much slower till a replacement drive is installed
  6. Drives can be carrier over to a new SHR supported Synology and the new NAS will see the volume and the data

SHR Weaknesses

  1. A little slower than traditional RAID but equal speed to RAID 5 and 6
  2. You cannot remove the Drives in an SHR RAID and install them in a new non-SHR NAS, they will need to be formatted.

And now onto Traditional RAID
RAID Strengths

  1. Broader options for deployment. More task specific RAID sets like RAID 10 or RAID 50 are possible
  2. Better chance of Hard Drives being recognized in a new NAS/DAS enclosure if you install them in a new unit
  3. Still scalable between RAIDs, but not as much as SHR
  4. On the whole, better Read and Write speeds available
  5. Not just limited to Synology

RAID Weaknesses

  1. You cannot effectively mix drives and to increase the total capacity will in all likelihood only be possible by replacing ALL drives in the array
  2. Cannot access the data after a drive failure until a new drive is installed (exception of RAID 1)
  3. Takes noticeably longer to create a RAID array compared with likewise SHR

RAID or SHR – The Result
Choosing between SHR and RAID on my Synology NAS with Hard Drive Media It probably won’t come as an enormous shock when I say that I recommend using SHR when using a modern Synology NAS. The benefit in the scaling options alone made it a real standout choice for me and for those who are brand faithful, you would only make it more convincing. Traditional RAID is still very relevant and very, very useful. But if you have the option to adopt SHR in your NAS setup, I urge you to do so at the point of installation.

What Happens When Hard Disk Fails in RAID 5

We are going to look at what happens when a disk happens to fails in RAID 5? How many disks can fail in RAID 5?

Raid basically means Redundant Array of Independent Disk. It’s a system that enables you to increase reliability. It allows you to combine many physical disk into an array to work as a single logical disk. i.e. this makes it possible to access the storage as a single partition in the computer/server.

Features of Raid 5

  • Striped distributed parity
  • Supports fault tolerance
  • Supports redundancy/Parity
  • Supports Hot spare options
  • It requires a minimum of 3 disks
  • It offers good performance
  • Incase a disk fails, data can still be recovered.
  • Raid 5 is very common because of the benefits it offers.

What happens when disk fails in raid 5

  • Because of redundancy, the data can be available in cases where a disk happens to fail. A spare disk can be used to reconstruct.
  • In cases where 2 disks fail, it will not be possible to access the data. You will be required to consult a data recovery company to recover the data.
  • Raid 5 can withstand losing 1 disk but not 2 or more.

What are the benefits of using raid 3 in a backup application

Definition – What is the meaning of RAID 3?

RAID 3 is a type of Raid (Redundant Array of Independent Disks) that strips the byte level and store dedicated parity bits on another distinguished drive. Just like RAID 2, RAID 3 must have a special controller that enables synchronized spinning of all the disk drives. Instead of just striping data blocks onto separate disk drives, RAID 3 stripes the bits, which are then stored on different disk drives. This type of configuration is used less often than other RAID levels.

Raid 3 Explained.

Since RAID 3 puts together striping & parity with stored parity bits on an assigned disk, this configuration involves at least 3 individual hard disks – 2 for striping data and 1 for saving parity bits. The disks must be able to spin in sync, so constant read/write (R/W) function establish good performance. However, random R/W functions may take heavy hits in performance.

In real terms, the read speed is way greater than write speeds. reason is it requires checksum calculations, which is a performance hindrance for the entire disk array.

Advantages of Raid 3 include:

  • It has high capability to transfer huge amounts of data
  • Proof against to disk failure & malfunction.

Disadvantages of Raid 3

  • Disk failing are likely to reduce.
  • Disk failures may crucially decrease output.

Can erased data be recovered?

What does Deleted File Recovery mean?

Recovering deleted files is the process of retrieving and restoring files or data that was deleted either via accident, maliciously, virus infection. This process makes it possible for the user to get their data back from their device. Devices that data can be deleted from include, server, hard drives, mobile phones, laptops, sd cards, flash disk etc.

Deleted File Recovery Explained
Deleted data recovery means recovering files that were deleted back. It can be from the recycle bin, or data lost through operating system being formatted.

In most cases, any computer storage system data is not normally deleted from the drive even after emptying the recycle bin and disk formatting. Instead, the file or data that is deleted or formatted from the storage drive removes the access to that location and marks it as available for future data storage needs.

The deleted data can still be recovered as long as new data is not overwritten on the same location. If data is overwritten, it cannot be recovered in a usable condition. When a user deletes or formats their device, its recommended that they stop using or saving new data on the device. The use should consult a data recovery expert before trying anything or purchase data recovery softwares after going through the instructions given.

How long does data recovery take?

Your computer systems happened to crash, your most valuable data is gone and you’re looking to get all your data back…if this is you then you may be asking: how long does data recovery take?

In most cases, data recovery takes approximately 3 to 5 days. However, the time it may take will depend with the issue and the extent of the damage. The data recovery engineers require to have a look at the issue and run a diagnostic on it.

This will help determine the estimated time of recovery.
In short, how long the data recovery process will take will depend on many factors and issues that are involved in the recovery. Here are a list of some of the simple factors that may affect the time of data recovery;

  1. The Size of the Hard Drive
    Bigger hard drives will normally take longer to recover than smaller drives because bigger drives have more sectors to go through when recovering. However, it will also depend with the kind of damage. There are cases where a physical damage on a drive with bad sectors will take long regardless of the size.
  2. The Model or Series of Hard Drive
    Even though most/or all data recovery softwares are made to match industry standards, some hard drive models are faster to recover than others. It all depends with the manufacturer’s technology use.
  3. The Type and Size of Your Files.
    This goes without saying, when a hard drive has a lot of data, it will take longer than which has less. Also, large files such as videos etc may take longer to recover because of their size.
  4. The Environment You Operate Your Computers In.
    The conditions in which the device was being used on also affects the speed of recovery. This is because poor conditions lead to electronic and physical damage that make the recovery process longer.
  5. Data recovery equipment in use.
    Some data recovery equipments are better than others in that they are able to offer all necessary tools to repair and recover the data. Ie firmware for new hard drives etc.
  6. Donor Availability.
    Donor hard drives are normal hard drives that are identified since they match the faulty hard drive or are from the same family. Donors help in repair because their parts are used for repairing. In some cases, some donor hard drives are very rare to come by such as new ones. This may make the process take long.
    When your hard drive fails it’s better to first consult a data recovery engineer because any unprofessional attempt on it may lower the chances of success or even increase the recovery time which becomes more costly for you.

How to recover deleted files from nas drive?

NAS Data Recovery

NAS are reliable storage storages. However, they still can fail. If you cannot access your data from the NAS, you can try to recover the data using special NAS recovery softwares. Generally, NAS data recovery involves removing the disks from the NAS, numbering them, Imaging them, then connecting the images to a PC, and extracting files using data recovery software.

Some of the most common NAS device include;

  1. LaCie
  2. Western Digital
  3. QNAP
  4. Synology
  5. Buffalo LinkStation and TeraStation
  7. Iomega Storcenter
  8. Seagate BlackArmor
  9. Thecus
  10. btrfs-based NAS servers

NAS data recovery using Free or Paid NAS Data Recovery Softwares
Most of these NAS recovery software operate the same. But some may be better than others depending with the features.

Here are the steps;

  1. Get the disks out of the NAS and number them.
    After disconnecting the hard drives from the NAS, you should label them with numbers based on their order when setting up ie 0, 1, 2 etc
  2. Take images of the disks and connect them to a PC.
    This is a standard practice when it comes to raid configuration. It’s best to work with images incase anything happened, you always take another image from the original storages. Any mistake on the original hard drives could render your data unrecoverable.
  3. Download and install NAS Data Recovery software
    Since most NAS devices use md-raid or LVM drivers to handle an array, when choosing a NAS recovery software make such you chose one that supports that.
  4. Select the NAS volume you need to recover and click Start.
    Most software’s will be able to automatically populate a volume of the raid data. You should select it and data should start showing.
    If you can’t see the array in the NAS Data Recovery Software, then you need to recover RAID configuration first. This process is complex and requires special skills. Without the right configuration, one can’t reconfigure the raid. It’s best to consult a professional data recovery company.
    In some case, the Hard Drives could be physically damaged. These faulty disks should not be connected to the PC. However, they should be repaired and an image taken. Raid systems such as Raid 0, require all disk to be available for the process to be successful.

Causes of NAS Failure;
This may happen due to a number of things. Here are some of the most common causes.
• Power outrage:
Power surges may easily lead to NAS failure. Power loss or fluctuation may cause the disk not to integrating to RAID.
• Defective NAS controllers:
Corrupt firmware, operating systems errors, incomplete configuration etc. can also lead to NAS errors.
• Overheating:
Overheating can lead to NAS failure. It’s always advisable to regulate room temperatures.
• User error:
Common errors such as accidental deletion of files and folder can lead to NAS or RAID data loss.
• Manual faults:
When drivers fail, this sometimes causes NAS failure.
• Other natural catastrophes such as fire or water damage or any other natural calamity may lead to NAS failure.

How to get files off a raid hard drive | RAID Data Recovery

What does RAID Data Recovery mean?

RAID data recovery is the process of retrieving and restoring data from a RAID storage device such as NAS, Servers, SAN etc

Data recovery experts use a combination of automated and manual data recovery processes to extract and recover data from one or more RAID drives and storage components. RAID data recovery can be implemented on both hardware- and software-based RAID.

RAID data recovery is unique from the normal data recovery processes as the RAID storage architecture uses a unique and complex method of storing and extracting data. RAID data recovery can be for any of the RAID levels, some of the most common include RAID 0, Raid 1, Raid 5, Raid 6, Raid 10, Raid 50, Raid 60, Raid 5E, Raid 5EE. Raid Failure is usually caused by:

  1. Faulty hard disk
  2. Faulty controllers
  3. Data overwritten
  4. Application/software corruption
  5. Reformatting

RAID recovery generally requires reconstruction of all RAID storage arrays to original or last known good settings and configuration. The individual/software must know the RAID configuration at the hardware, software and firmware level to successfully retrieve data. Identifying the correct RAID array is an essential part of the RAID recovery process.

Since raid is very delicate, it’s not advisable to attempt to recover without the necessary skills, this is because any mistake or wrong rebuilding could render the data unrecoverable. Images of all the disk should be taken before attempting anything. For raid cases, it’s best to consult a data recovery expert.

Scroll to top