DCI Asks For Forensic Audit To Probe IEBC ‘Hacking’ Claim

A forensic analysis report on electronic equipment confiscated from three Venezuelans arrested at JKIA in July has been issued by the Directorate of Criminal Investigations. 

During their arrest, the three, Salvador Javier Suarez, Jose Gregorio Camargo Castellano, and Joel Gustavo Rodriguez Garcia, were found in possession of electoral materials, according to authorities.

In a statement following their detention, IEBC head Wafula Chebukati stated that the police had taken their computer devices, which were critical in holding the August 9 elections.

In a detailed account, Joseph Kolum, director of the anti-terrorism unit, listed seven things collected from the three Venezuelans and disclosed specifics of the important information uncovered in them.

A 1TB external disc, one laptop, six flash disks, three mobile phones, one tablet, one SIM card, and one monitor are among the things.

According to DCI, the iPhone 13 Max Pro and the laptop seized from them were unlike any other regular gadgets since they were extensively encrypted and were most likely utilized in secure communication.

The laptop and 1TB external disc were found with an IEBC database schematic diagram, IEBC network diagram, IEBC KIEMS kit, IEBC KIEMS kit deployment list, usernames and passwords, local IP address configurations and virtual private network (VPN) settings.

“It was established that the flash disks had IEBC data related to what was recovered from the laptop and 1TB external hard disc,” Kolum stated in the report of the analysis seen by the Star and dated August 5.

“The two other phones had call logs, family videos and documents all in the Spanish language.”

DCI also discovered that 19 foreigners had administrative rights in the IEBC system. Only 2 Kenyans had access to the IEBC system.

An iPhone 13 Max Pro recovered from Suarez, DCI says, had phone contacts and call logs of IEBC employees and of service providers' technical teams from Safaricom, Telkom Kenya, Airtel Kenya and Thuraya.

Also, the phone had WhatsApp group chats where critical and sensitive information about the IEBC election was being shared.

A laptop seized from Castellano was also found to contain key information regarding the August 9 polls.

DCI findings revealed that Castellano is one of the IEBC system administrators and was in a position to remotely access the entire IEBC data.

He had the capacity to add, delete, edit or manipulate in any manner the entire IEBC system.

Forensic analysis showed that the laptop had an IEBC database schematic diagram, IEBC network diagram, IEBC KIEMS kit, IEBC KIEMS kit deployment list, usernames and passwords, local IP address configurations, virtual private network (VPN) settings and Smartmatic mobile device management (MDM).

Castellano was also found with a 1TB hard disk, which contained file folders.

The folders had IEBC election system information as follows: IEBC system network details, IEBC database development credentials, IEBC KIEMS project schedule, travel details of Jose Gregorio, IEBC VPN access credentials, settings for remote access to IEBC server, results in the transmission system, IEBC dashboard users, IEBC system users’ access rights, IEBC integrated data management system and updates development.

A mobile phone found with Rodriguez contained private family photos/images, private family videos, IEBC system configuration, IEBC documents in the Spanish language, Spanish call logs, Spanish contacts and an IEBC election action plan.

The SIM card found with him had Spanish call logs, messages and foreign contacts.

The monitor had no information stored in it.

The analysis was done on July 25.

DCI has recommended an urgent forensic audit of the system to check for exploitable vulnerabilities.