Something is up with one Kenyan government website; specifically the one belonging to the Kenya Urban Roads Authority – KURA.
The website seems to have been redirected to the Bank of Africa Kenya website (www.boakenya.com) as of a few hours ago as far as we can tell. I know because I was checking out this website yesterday to respond to a tweet on land in Juja Farm and a bypass that will cut across the land from Athi River to Garissa Road.
According to name-server records on Kenic, this is where the domain points to:
Who-is results for kura.go.ke
Domain Name: kura.go.ke
Domain ID: 21895-Kenic
Updated Date: 2013-10-24T09:38:36.167Z
Creation Date: 2009-12-16T21:00:00.000Z
Registry Expiry Date: 2015-12-16T21:00:00.000Z
Sponsoring Registrar: MTN Business
Sponsoring Registrar IANA ID:
Domain Status: ok
Name Server: ns1.mtnbusiness.co.ke
Name Server: ns2.mtnbusiness.co.ke
Name Server: ns1.iafrica.com
Name Server: ns2.iafrica.com
Sponsoring Registrar URL: www.mtnbusiness.co.ke
Sponsoring Registrar Address: P.O Box 12170-00100 Nairobi
Sponsoring Registrar Country: KE
Sponsoring Registrar Phone: +254.206988000
Sponsoring Registrar Fax:
Sponsoring Registrar Customer Service Contact:
Sponsoring Registrar Customer Service Email:
Sponsoring Registrar Admin Contact: Systems Administrator
Sponsoring Registrar Admin Email: email@example.com
>>> Last update of WHOIS database: 2015-04-21T15:47:10.723Z <<<
A quick check on other government websites reveal that it is indeed not different from the rest reveals that other ministries like Lands & Housing and Water have registered their web addresses with Government Information Technology Services as the Sponsoring Registrar and the name-servers they usually use are always ns1.kenet.or.ke, ns2.kenet.or.ke, and ns3.kenet.or.ke under the Kenya Education Network.
This is the Kenic WhoIs result for Lands Ministry:
Something is definitely a miss and we can only hope this blog-post alerts the authorities in good time.
The last time government websites were hacked, there were a total of 103 websites negatively affected by an Indonesian hacker calling himself Direxer.