Africa Defense Forum
ADF is a professional military magazine published quarterly by U.S. Africa Command to provide an international forum for African security professionals. ADF covers topics such as counter terrorism strategies, security and defense operations, transnational crime, and all other issues affecting peace, stability, and good governance on the African continent.

Cyber Threats Increase as Russia, China Train New Criminals

ADF STAFF

Cybercrime is expected to cost continental governments a total of $10.5 trillion annually by 2025, an increase from $3 trillion in 2015, according to the African Union.

The rise in cybercrime coincides with increased efforts by Russia and China to train new criminals on the continent to interfere in democratic elections, launch ransomware attacks and commit cyber-enabled financial fraud, according to a new report by Microsoft. Experts warn that this could lead to increased threats to African governments, economies and militaries.

These newly trained hackers are known for “prepositioning backdoors for future destruction, sabotaging operations and conducting influence campaigns,” Tom Burt, Microsoft’s vice president of customer security, wrote in the company’s annual digital defense report.

Last year, Kenya’s government countered a large-scale cyberattack that affected services on its eCitizen portal — used by the public to access more than 5,000 government services — for nearly a week, the BBC reported.

The attack affected the government’s ability to approve and renew passport applications, issue e-visas for visiting foreigners, and issue driver’s licenses, identification cards and health records, among other things. Disruptions to train-booking systems and mobile-money banking services also were reported.

A group known as Anonymous Sudan claimed responsibility for the attack. It promotes itself as a group of Sudanese cyber defenders, but it is believed to have ties to Russia, which it outwardly supports, the BBC reported.

According to the Microsoft report, the Sub-Saharan country most affected by nation-state cyber threat actors over the past year was South Africa, followed by Ethiopia, Angola, Kenya and Nigeria, but cyberattacks and cyber-related crime can happen anytime, anywhere.

In April, Zambian authorities uncovered a sophisticated internet fraud syndicate and arrested 77 people, including 22 Chinese nationals, the BBC reported.

It was a “significant breakthrough in the fight against cybercrime,” authorities said after raiding the Chinese-run company. Thousands of SIM cards and devices that let callers disguise their location were among the equipment seized. The firm employed Zambians who believed they were going to work in a call center.

Emerging cyber threats are not be easily countered, especially as hackers’ use of artificial intelligence (AI) grows more sophisticated.

AI can help hackers in many ways, such as by developing highly tailored social media profiles with which to contact thought leaders, subject-matter experts and other high-value targets for social engineering, the Microsoft report said. AI-enabled deepfake tools also can be used to create fake social media profiles that impersonate people known to the target.

“Nation-state threat actor groups, such as those backed by Russia, Iran and China, are increasingly incorporating AI-generated or enhanced content into their influence operations in search of greater productivity, efficiency and audience engagement,” the Microsoft report said.

Taizi Flood, a China-affiliated hacker group, uses AI to generate virtual news anchors for its online campaigns. It operates 175 websites in 58 languages globally and has continuously mounted reactive messaging campaigns around high-profile geopolitical events, often portraying the U.S. in an unfavorable light while furthering Beijing’s interests, according to Microsoft.

AI also can be used to detect and understand cyberattacks. Once it identifies a potential threat, AI can take prescribed actions, such as preventing deletions, logging off suspicious users and notifying operators of the suspected activity.

“The African continent lags behind in many aspects related to cyber capacity, but there is a great need of investments in cybersecurity awareness raising initiatives, cybersecurity education and training, and collaboration on cyber defense and combating cybercrime,” Laban Bagui, senior research fellow at the Cybersecurity Capacity Centre for Southern Africa, told the Atlantic Council.

Bright G. Mawudor, founder of AfricaHackOn, a Kenyan computer security firm, said the culture of cybersecurity is changing dramatically across the continent and that governments should invest in young people.

“Investing in growing cybersecurity talent will change the landscape in the long run,” Mawudor told the Atlantic Council.

You might also like

Comments are closed.