The National KE-CIRT/CC

Tel Hotlines: +254-703-042700, +254-730-172700
incidents@ke-cirt.go.ke

Glossary

A


Access
Instruct, communicate with, store data in, retrieve data from, or otherwise make use of any of the resources of the computer system.

Access control
The process of granting or denying specific requests for or attempts to: 1) Obtain and use information and related information processing services; and 2) enter specific physical facilities.

Access control mechanism
Security measures designed to detect and deny unauthorized access and permit authorized access to an information system or a physical facility.

Active attack
An actual assault perpetrated by an intentional threat source that attempts to alter a system, its resources, its data, or its operations.

Active content
Software that is able to automatically carry out or trigger actions without the explicit intervention of a user.

Automated transaction
An electronic transaction conducted or performed, in whole or in part, by means of a data message in which the conduct or data messages of one or both parties is not reviewed by a natural person in the ordinary course of the natural person’s business or employment.

B


Blacklist
A list of entities that are blocked or denied privileges or access.

Bot
A computer connected to the Internet that has been surreptitiously / secretly compromised with malicious logic to perform activities under remote the command and control of a remote administrator.

Botnet
A collection of computers compromised by malicious code and controlled across a network.

Bug
An unexpected and relatively small defect, fault, flaw, or imperfection in an information system or device.

C


Communication log
A record of communication events in a certain scope, excluding the content of those communications, in order to provide an audit trail that can be used to understand the activity of a system.

Computer data
It is any representation of facts, information, concepts, elements, state, or instructions in a form suitable for communications, interpretation, or processing in a computer program or part of a program, computer, or computer system, suitable to cause a computer program, computer, computer system, or network to perform a function, process, and/or operation Computer data shall  include but not be limited to flowcharts, architectures, program hierarchies and interfaces, libraries, directories, topologies, taxonomies, process flows, internal controls, and metadata.

Computer program
A set of coded instructions, whether in machine readable or human readable formats (source code or object code), that enables a computer, computer system, and/or network to process computer data, traffic data, and/or content data to cause such computer, computer system, and/or network to perform a function and/or operation.

Computer system
A device or collection of devices including input and output devices but excluding calculators which are not programmable and capable of being used in conjunction with external files which contain computer programmes, electronic instructions and data that perform logic, arithmetic, data storage, data retrieval, communication control and other functions;

Consumer
 A natural person who enters or intends to enter into an electronic transaction with a supplier as the end user of the goods or services offered by that supplier;

Content data
Any data whether in digital, optical, or other form, including metadata, that conveys essence, substance, information, meaning, purpose, intent, or intelligence, either singularly or when in a combined form, in either its unprocessed or processed form. Content data includes any data that conveys the meaning or substance of a communication as well as data processed, stored, or transmitted by computer programs.

Critical Internet resources
Cyber infrastructure that is essential to vital services for public safety, economic stability, national security, and international stability and for the sustainability and restoration of critical cyber space.

Cyber café
A facility that offers Internet access on computers that it owns for a fee.

Cybercrime
Any activity in which a computer system or network are a tool, a target or a place of criminal activity. This shall include offences against the confidentiality, integrity and availability of computer systems and copyright-related offences.

Cybersecurity
Collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment.

CERT
Computer Emergency Response Team (as distinct from CERT, a registered trademark owned by Carnegie Mellon University)

Constituency
These are the people or organizations serviced or supported by the CIRT.

D


Data message
Information generated, sent, received or stored by electronic, magnetic, optical or similar means, including, but not limited to, electronic data interchange, electronic mail, telegram, telex or telecopy.

Disruption
An event that causes a computer program, computer, computer system, network, or component thereof, to be inoperable, or operate in an unintended manner, for a length of time due to destruction of and/or interference with a computer program, computer, computer system, network, computer data, content data, and/or traffic data.

E


E-commerce
Buying and selling of goods and services over an electronic network.

Electronic communication
Any communication that the parties make by means of data messages

E-Government
Refers to the use by government of information and communications technologies to deliver its services and relate with citizens, businesses and other arms of government.

Electronic transaction
Is the sale or purchase of goods or services, whether between businesses, households, individuals, governments, and other public or private organizations, conducted over electronic networks. The goods and services are ordered over those networks, but the payment and the ultimate delivery of the good or service may be conducted on or off-line.

I


 Information system
System for generating, sending, receiving, storing or otherwise processing data messages.

Interception
The acquisition, viewing, capture, or copying of the contents or a portion thereof, of any communication, including content data, computer data, traffic data, and/or electronic emissions thereof, whether by wire, wireless, electronic, optical, magnetic, oral, or other means, during transmission through the use of any electronic, mechanical, optical, wave, electromechanical, or other device.

Internet number resources
Refers to Internet Protocol version 4 (IPv4) addresses, Internet Protocol version 6 (IPv6) addresses, Autonomous System Numbers (ASNs) and, Internet Protocol Service Names and Internet Protocol Service Port Numbers.

L


 Loss
Any reasonable costs, including, but not limited to, the cost of responding to an offense under this Law, conducting an investigation or damage assessment, and/or the cost of analyzing, restoring, replacing, or reproducing computer data, content data, traffic data, a computer program, computer, computer system, or network to its condition prior to the offense, and/or other consequential damages incurred by an individual or entity arising from damage, interference, disruption, interception and/or the destruction of computer data, content data, traffic data, a computer program, computer, computer system, network, and/or other information.

N


National KE-CIRT-CC
This refers to the National Kenya Computer Incident Response Coordination Centre whose mandate is to coordinate response and manage cyber security incidents nationally and to collaborate with relevant actors locally, regionally and internationally. The National KE-CIRT/CC is Kenya’s national cybersecurity trusted point of contact.

National CIRT Coordination Centre
Refers to a trusted point of contact for a given country at which national stakeholders, regional community as well as international counterparts and network managers can use to report incidents affecting or originating from the country. It needs to be a neutral and independent entity whose task is to operate for the benefit of its own country’s citizens, industry and public administration in information security and critical network infrastructure matters. National CIRTs in general are more approachable by all stakeholders (public, private sector and other users).

Network
A group of computers or computer systems of whatever form, topology, or functionality that is connected at points (nodes) which have the capability to transmit, receive, share, or forward information, communication signals, and operational instructions.

O


 Originator
A person by whom or on whose behalf, a data message is sent or generated prior to storage, other than a person acting as an intermediary in respect of that data message.

 Public wi-fi hotpsot
A site that offers Internet access to the public over a wireless local area network.

S


 Sector CIRT
This refers to any Cybersecurity management framework or a CIRT that serves a particular industry. This include law enforcement CIRT, Banking industry CIRT, Telecommunications Operators CIRT, Internet Service Providers CIRT, Academia CIRT, etc. These sector specific CIRTs are coordinated by the KE-CIRT CC

Stakeholders
These are individuals or groups with an interest in the success of the national CIRT and its mission. Stakeholders can be those who will report to the CIRT, receive help from the CIRT, provide funding and sponsorship to the CIRT, or interface with the CIRT through information sharing or the coordination of incident and vulnerability handling activities.

Security Incident
Security incident is an event that impacts on the confidentiality, integrity or availability of an ICT system through an act that contravenes prescribed security policy.

Service provider
Any public or private entity that provides to users of its service the ability to communicate by means of a computer program, computer, computer system, or network, including the services that support the development or utilization of computer programs and/or the creation, storage, retrieval, processing, management, and deletion of computer data, traffic data, and content data; and/or any other entity that processes or stores computer data, content data, or traffic data on behalf of such service as set forth in this paragraph or users of such service.

Subscriber information
Any information contained in the form of computer data or any other form that is held by a service provider, relating to subscribers of its services, other than traffic data or content data, and by which can be established:

T


Third-party
In relation to a service provider, means a subscriber to a service provided by the service provider or any other user of the service provider’s services or a user of information systems;

Traffic data
Any computer or other data relating to a communication by means of a computer program, computer, computer system, or network, generated by a computer program, computer, computer system, or network that formed a part in the chain of communication, indicating the communication’s origin, destination, route, format, intent, time, date, size, duration, or type of underlying service.

W


Watercraft
Refers to ships, boats, rafts, hovercrafts, submarines or other vessels that travel on water.

Powered by ITU/IMPACT

UN ITU ITU IMPACT