In late 2019, Chinese hackers began a years-long campaign to infiltrate Kenya’s government and state institutions. The hackers, who are believed to be working for the Chinese government, were able to gain access to a wide range of sensitive data, including information on Kenya’s debt to China, its military capabilities, and its counter-terrorism efforts. The campaign targeted eight of Kenya’s ministries and government departments, including the presidential office.
According to two of the sources that assessed the hacks, they were aimed, at least in part, at gaining information on debt owed to Beijing by the East African nation, which is a strategic link in the Belt and Road Initiative – President Xi Jinping’s plan for a global infrastructure network.
The hackers used a variety of methods to gain access to Kenya’s systems, including spear phishing, which involves sending emails that appear to be from legitimate sources in order to trick recipients into clicking on malicious links. Once they had access to the systems, the hackers were able to steal data, install malware, and disrupt operations.
Here are some additional facts about the Chinese hacking campaign against Kenya:
- The hackers used a variety of methods to gain access to Kenya’s systems, including spear phishing, watering hole attacks, and exploiting vulnerabilities in software.
- The hackers stole a large amount of sensitive data, including information on Kenya’s debt to China, its military capabilities, and its counter-terrorism efforts.
- The hackers also installed malware on the systems, which could have been used to disrupt operations or steal more data.
- The Chinese government has denied any involvement in the hacking campaign, but the evidence suggests otherwise.
- The hacking campaign against Kenya is a reminder of the growing threat of cyber warfare. Governments need to take steps to improve their cyber security in order to protect their citizens and their critical infrastructure.
The Kenyan government has been slow to respond to the hacking campaign, and it is unclear how much damage has been done. However, the attacks have raised concerns about the security of Kenya’s critical infrastructure and the potential for China to use its economic and political influence to gain an advantage over Kenya.
In May 2023, Reuters published a report that detailed the extent of the Chinese hacking campaign against Kenya. The report, which was based on interviews with cybersecurity experts and government officials, said that the hackers had been able to gain access to the systems of the Kenyan government’s office of the president, its defense ministry, its information ministry, its health ministry, its land ministry, its interior ministry, and its counter-terrorism center.
The report also said that the hackers had stolen a large amount of sensitive data, including information on Kenya’s debt to China, its military capabilities, and its counter-terrorism efforts. The hackers had also installed malware on the systems, which could have been used to disrupt operations or steal more data.
Response to the Chinese Kenya Hack
The Chinese Foreign Ministry has insisted it is “not aware” of any such hacking, while the country’s embassy in Britain called the accusations “baseless”, adding that Beijing opposes and combats cyberattacks and theft in all their forms.
In Kenya, the presidential office has said the allegations of hacking attempts by Chinese Government entities are “not unique,” adding the government had been targeted by “frequent infiltration attempts” from Chinese, American, and European hackers.
“As far as we are concerned, none of the attempts were successful,” it said.
In a statement on Wednesday, the Chinese Embassy spokesperson said the report by Reuters was “far-fetched and sheer nonsense”.
The Extent of the Hack
According to the Kenyan cybersecurity expert who was brought in by Kenyan authorities to assess the hack of a government-wide network, the hackers stole documents from the Ministry of Foreign Affairs and the National Treasury, which could have been used to assess Kenya’s ability to repay its debts. The hackers subjected the office of the president, the defense ministry, the information ministry, the health ministry, the land ministry, the interior ministry, and the counter-terrorism center to persistent and prolonged hacking activity.
A Chinese state-linked hacking group known as “BackdoorDiplomacy” was behind the cyberattack on Kenya’s intelligence agency, according to a report by a defense contractor. The group has a history of using similar tools and techniques in other hacking campaigns, and its focus on Kenya is particularly noteworthy, given the group’s limited activity in the Middle East and Africa.
While China’s embassy in Britain denied any involvement in the attacks, it did not directly address questions about the government’s relationship with BackdoorDiplomacy.
The threat of cyber warfare is real, and it is only going to grow in the years to come. Governments need to take steps to improve their cyber security in order to protect their citizens and their critical infrastructure.