Africa Faces High-Tech Enemies
Extremists Are Weaponizing Technology, Social Media and Even Video Games In Their Attacks
More than 30 websites in Mozambique, including the Defense Ministry’s, went down February 21, 2022, after being targeted by hackers.
An image of a man wearing a headscarf and holding a machine gun appeared on the site along with the words “hacked by Yemeni hackers.” The targets included the portals of the national disaster management, roads administration and water agencies, as well as the Defense Ministry and the National Institute of Land Transport.
Officials said there was no loss of information or leak of citizens’ personal data but noted that it was the country’s first cyberattack of that magnitude. Analysts called on the government to strengthen cybersecurity amid fears that the hackers might be associated with terrorists.
As experts and researchers warn of a future in which extremists in Africa will use readily available technologies to advance their causes, other experts say it already has happened.
Extremists are using drones for surveillance. They’re using social media for propaganda and to livestream events. They’re making videos for recruitment and instructions. They’re using communication tools to plan raids. In the future, experts say, commercial drones will be weaponized, and 3D printers will be used to make assault rifles.
It starts with the most common and versatile tool of all: a cellphone. As author Audrey Kurth Cronin noted during a May 2021 presentation by the Africa Center for Strategic Studies (ACSS), “Everyone has a powerful computer in their pockets.”
A smartphone might not seem like a formidable weapon, or even a particularly sophisticated one, but it combines a computer, a precision timepiece, a camera, internet access, GPS, money transfer applications and more. It also eliminates insurgents’ need to maintain radio communications equipment.
Extremists, experts say, use mobile phones for a wide range of purposes. One of them is to accept payments and transfer cash when they extort citizens for “tax payments” in remote areas they control.
Researcher Seth Harrison, writing for the Center for Strategic and International Studies, reports that groups such as the Islamic State group capitalize on readily available technology for propaganda and instructional purposes.
“These operations require little training or tactical planning, involve crude tools — like knives or cars — and can be conducted by anyone, anywhere. The combination of simple operations and increased communicative capacity has made terrorism accessible to the masses.”
Two brothers used an al-Qaida online video, “How to Build a Bomb in Your Mom’s Kitchen,” to build a bomb they triggered at the Boston Marathon in 2013.
Technology experts warn of extremists using easily available commercial drones to conduct surveillance and plan attacks. In the future, they say, drones could be used in Africa to transport small amounts of explosives and in assassinations.
ALREADY IN USE
It helps to divide technology into two groups: open and closed. Closed technology is unavailable to almost everyone but governments and includes nuclear weapons, major weapons systems, fighter jets and radar. Open technology is available to anyone and includes GPS systems, the internet, smartphones and microchips. Although closed technology occasionally has fallen into the hands of extremists, for the most part, open technology poses the biggest problems.
Although nonstate actors are a primary concern, they are not the only problem. As Nathaniel Allen of the ACSS noted in a January 2021 report, “The greatest concerns surrounding cyber espionage in Africa have been linked to China.”
In 2018, it was reported that all content on the servers in the African Union’s headquarters was being routinely transmitted to Shanghai, China, after network engineers noticed a spike in use during off-hours. Although engineers replaced the servers, Chinese hackers continued to spy on the AU in 2020 by stealing footage from surveillance cameras. They hid their tracks by transmitting the information back to China during normal business hours. A Chinese hacking group called Bronze President was to blame, according to Reuters, which said the surveillance covered “AU offices, parking areas, corridors, and meeting rooms.”
In June 2020, the Ethiopian Information Network Security Agency stopped a cyberattack from the Egypt-based Cyber Horus Group. Allen wrote that the attack, Ethiopian authorities said, was part of an attempt to put “economic, psychological, and political pressure on Ethiopia” over the filling of the Nile River’s Grand Ethiopian Renaissance Dam.
Ethiopian authorities said they prevented a broader attack, yet the Cyber Horus Group managed to hack into a dozen or so government webpages, posting messages threatening war if Ethiopia began filling the dam.
A LACK OF TECH
Anouar Boukhars, a professor of counterterrorism and countering violent extremism at the ACSS, noted that extremists in Africa are using cyber technology for training, propaganda, recruitment, financing and planning. He said extremists use information technology to control the pace and narrative of violence and that Boko Haram used cyber sabotage as early as 2012.
Boukhars said most extremists’ cyberattacks in Africa have been fairly unsophisticated. He said although it can be assumed that extremists would like to have military-grade drones, such devices are costly to build, operate and monitor. Extremists are more likely to use commercial-grade drones. Even advanced government military operations are beginning to use civilian-grade drones.
Dr. Christopher Anzalone, a research assistant professor at Marine Corps University in Quantico, Virginia, said that al-Shabaab is among the most aggressive extremist groups in adopting technology for recruitment. Their propaganda films’ polished appearance resembles “pseudo-documentaries,” he said.
Anzalone said al-Shabaab also continues to rely on low-tech means — radio broadcasts and simple photography — to get its message out. But the group was an early adapter of Twitter, he noted, and live-tweeted its 2013 attack at Westgate Shopping Mall in Nairobi, Kenya, where 67 people died before four masked gunmen were killed.
A study at the University of North Carolina at Chapel Hill found that terrorist groups are lifting elements from popular video games, especially the popular Call of Duty series, to use for recruitment and practice. First-person shooter video games are played by millions of people, generally under the age of 30 and overwhelmingly male — a critical demographic for extremist groups.
The Radicalisation Awareness Network (RAN) said games such as Call of Duty and Grand Theft Auto let users create their own modifications, which can be abused by extremists. “This tactic places powerful (gaming) engines at the disposal of extremists,” the network reported.
“Extremist mods garner press attention and give the illusion of credibility and technical competence to those unfamiliar with the ease with which mods can be created,” RAN reported in 2020. “It is unclear if modded games have ever had an impact on recruitment beyond propaganda.”
Many such networked games include a chat feature, allowing players to communicate with each other. “Recruiters can target people on open platforms, and they start building relationships before inviting these people to more closed-off environments,” RAN said.
On a more basic level, the realism of modern video games is such that players intent on real-world violence can practice their tactics while playing. Terrorist Anders Breivik, who murdered 77 people in Oslo, Norway, in 2011, trained for his rampage by playing Call of Duty. In a manifesto Breivik wrote, he called Call of Duty: Modern Warfare 2 “probably the best military simulator out there” and said he viewed the game as “part of my training-simulation.”
Research shows that national governments need to be more proactive to protect themselves from cyberattacks. In the past 10 years, legal website JD Supra reports, 33 African countries have passed laws and adopted regulations on cybersecurity, cybercrime, electronic transactions and data protection.
Economists and technology professionals have urged African countries to ratify the Malabo Convention, which has been described as one of the world’s most elaborate cybersecurity accords. Its purpose is to establish a “credible framework for cybersecurity in Africa through organization of electronic transactions, protection of personal data, promotion of cyber security, e-governance and combating cybercrime.”
So far, only eight African countries have ratified the Malabo Agreement. For it to come into force, at least 16 African countries must adopt it.
Allen of the ACSS said there aren’t enough highly trained cyber professionals available to combat threats. The continent is in a race to catch up.
“The lack of an effective response is due, in part, to deficits in capacity,” Allen wrote. “The continent faces a growing 100,000-person gap in certified cybersecurity professionals. Many organizations, businesses, and agencies lack basic cyber awareness and fail to implement rudimentary cybersecurity measures. Governments frequently fail to monitor threats, collect digital forensic evidence, and prosecute computer-based crime. Ninety-six percent of cyber security incidents go unreported or unresolved, meaning that cyber threats in Africa are likely much worse than recognized.”
A particular concern will be in striking a balance between stopping cybercrimes and cyberattacks while preserving human rights. Cyber terrorists, Boukhars said, need to be defined with “precision” so that ordinary citizens do not have their rights restricted. He noted that surveillance technologies frequently have been used to restrain legitimate political dissenters.
Cronin said governments can “overcorrect” on surveillance, spying on their own citizens. Such spying destroys the legitimacy of a government and its rule of law. She said that government legitimacy must be maintained by balancing going after bad actors and preserving human rights.
Interpol Identifies Top African Threats
Interpol’s African Cyberthreat Assessment Report 2021 identifies the most prominent threats in Africa, based on input from Interpol member countries and data drawn from private sector partners.
Online scams: Fake emails or text messages claiming to be from a legitimate source are used to trick individuals into revealing personal or financial information.
Digital extortion: Victims are tricked into sharing sexually compromising images that are used for blackmail.
Business email compromise: Criminals hack into email systems to gain information about corporate payment systems, then deceive company employees into transferring money into their bank account.
Ransomware: Cybercriminals block the computer systems of hospitals and public institutions, then demand money to restore functionality.
Botnets: Networks of compromised machines are used to automate large-scale cyberattacks.
Africa Slow to Ratify CyberSecurity Rules
The African Union adopted the African Union Convention on Cybersecurity and Personal Data Protection, also known as the Malabo Convention, in Malabo, Equatorial Guinea, on June 27, 2014.
Its objective is to set out the critical rules for establishing a safe digital environment and address the gaps in the regulation and legal recognition of electronic communications and electronic signatures. It is also concerned with the absence of specific rules that protect consumers, intellectual property rights, personal data and information systems, and privacy online.
Currently, only eight African countries have ratified the agreement.
The Africa Data Security Conclave says that the key provisions of the Malabo Convention include:
- Setting forth security rules essential to establish a credible digital space for electronic transactions, personal data protection and combating cybercrime.
- Establishing a legal framework aimed at strengthening fundamental rights and public freedoms, protection of physical data, and punishing any violation of privacy “without prejudice to the free flow of personal data.”
- Adopting legislative and/or regulatory measures as they deem necessary to put specific responsibility on institutions and their officials in relation to their responses to cybersecurity incidents.
- Promoting accountability in matters of cybersecurity at all levels of government by defining their roles and responsibilities in precise terms.
- Establishing a national protection authority as an independent administrative entity tasked with ensuring that processing of personal data is duly regulated.
- Developing public-private partnerships as a model to engage industry, civil society, and academia in the promotion and enhancement of a culture of cybersecurity.
- Forming international partnerships that aim to regulate issues of double criminal liability, exchange of information between countries and response to cyber threats.