Opinion / Columnist
Bulawayo Poly a Cyber Security Risk
18 Aug 2021 at 12:07hrs | Views
As we were scanning through cyberspace we tested the vulnerability of the Bulawayo Polytechnic campus portal. This serves to notify you that your educational portal is completely insecure (see attached proof of entry) and we would like to take you through the vulnerabilities that can be exploited by a basic ICT person.
We are able to enter your system without a username and password as a student and we can also enter your lecturers portal without a username and a password. With this kind of vulnerability, students can change their grades or do anything with your respective system that has a long-term repercussion on their education. Attached is proof that we were able to enter the system with ease and imagine if we were cybercriminals and what would have happened.
To introduce myself, my name is Engineer Jacob Kudzayi Mutisi I am an ICT professional and the current ICT chair for the Zimbabwe Institution of Engineers, The chair for the Zimbabwe Internet Service Providers Association, and the Chief Executive officer of Hansole Investments which is a leading ICT company in Zimbabwe.
This email serves to form you that this is an urgent matter which will need your urgent attention. We are prepared to demonstrate these vulnerabilities through a zoom meeting since we are in Harare and provide with the possible solutions that will protect your education lecturer and student portal system.
To discuss this further you can call/WhatsApp me on +263772278161 or email me on jkmutisi@hansole.org
Regards
Engineer Jacob Kudzayi Mutisi
We are able to enter your system without a username and password as a student and we can also enter your lecturers portal without a username and a password. With this kind of vulnerability, students can change their grades or do anything with your respective system that has a long-term repercussion on their education. Attached is proof that we were able to enter the system with ease and imagine if we were cybercriminals and what would have happened.
To introduce myself, my name is Engineer Jacob Kudzayi Mutisi I am an ICT professional and the current ICT chair for the Zimbabwe Institution of Engineers, The chair for the Zimbabwe Internet Service Providers Association, and the Chief Executive officer of Hansole Investments which is a leading ICT company in Zimbabwe.
This email serves to form you that this is an urgent matter which will need your urgent attention. We are prepared to demonstrate these vulnerabilities through a zoom meeting since we are in Harare and provide with the possible solutions that will protect your education lecturer and student portal system.
To discuss this further you can call/WhatsApp me on +263772278161 or email me on jkmutisi@hansole.org
Regards
Engineer Jacob Kudzayi Mutisi
Source - Engineer Jacob Kudzayi Mutisi
All articles and letters published on Bulawayo24 have been independently written by members of Bulawayo24's community. The views of users published on Bulawayo24 are therefore their own and do not necessarily represent the views of Bulawayo24. Bulawayo24 editors also reserve the right to edit or delete any and all comments received.
