NAIROBI, Kenya
Chinese hackers have allegedly
conducted a series of cyber intrusions targeting key ministries and state
institutions within the Kenyan government over a span of several years,
according to confidential sources, cybersecurity research reports, and independent
analysis of technical data associated with the attacks, Reuters reports. FILE: President William Ruto met with the Chinese Ambassador to Kenya, Dr. Zhou Pingjian, at State House in Nairobi on December 20, 2022
The motive behind these hacks,
as assessed by two sources, appears to be acquiring information related to the
debt owed by Kenya to Beijing.
As a strategic component of
President Xi Jinping's Belt and Road Initiative — a global infrastructure
network — Kenya's role is of great interest to China.
A research report commissioned
by a defence contractor and shared with private clients in July 2021 suggested
that the hacking attempts were aimed at gaining insights into upcoming
repayment strategies.
It also warned that further
compromises might occur to meet this objective.
The Chinese Foreign Ministry
stated that it was not aware of any such hacking activities, while the Chinese
embassy in Britain dismissed the allegations as baseless, reiterating China's
opposition to all forms of cyberattacks and theft.
China's influence in Africa
has significantly increased over the past two decades. However, like many other
African countries, Kenya is grappling with the financial burden of servicing
its external debt, a substantial portion of which is owed to China.
The hacking campaign
underscores China's willingness to leverage its espionage capabilities in
safeguarding its economic and strategic interests overseas, as indicated by two
sources.
The campaign spanned three
years and targeted eight ministries and government departments, including the
presidential office, according to an intelligence analyst in the region.
This claim was supported by
research documents shared with Reuters, which included attack timelines,
targets, and certain technical data regarding the compromise of a server
exclusively used by Kenya's main intelligence agency.
A Kenyan cybersecurity expert
confirmed similar hacking activities against the foreign and finance
ministries. All three sources requested anonymity due to the sensitive nature
of their work.
The Kenyan presidential office
responded to the allegations, acknowledging the frequency of infiltration
attempts by Chinese, American, and European hackers but stating that none of
these attempts were successful.
The office did not provide
additional details or respond to follow-up questions.
In response to the
accusations, a spokesperson for the Chinese embassy in Britain emphasized that
China opposes any irresponsible actions aimed at sowing discord in its
relations with other developing countries.
They also highlighted China's
commitment to addressing Africa's debt issue.
Chinese lending to African
countries, including Kenya, amounted to nearly $160 billion between 2000 and
2020, primarily for large-scale infrastructure projects. Kenya utilized over $9
billion of Chinese loans to fund extensive development initiatives such as
railways, ports, and highways.
By late 2019, Chinese lending
to Kenya had decreased significantly, coinciding with Kenya's financial
challenges. During this period, a Kenyan cybersecurity expert was brought in to
assess a government-wide network breach.
The breach, attributed to
China and starting with a spearphishing attack, occurred when a government
employee unknowingly downloaded a compromised document, allowing hackers to
infiltrate the network and gain access to other agencies.
Documents related to the
Ministry of Foreign Affairs and the Finance Department were among those stolen,
with the attacks appearing to focus on Kenya's debt situation, according to the
Kenyan cybersecurity expert.
The intelligence analyst
working in the region also confirmed that Chinese hackers conducted a
wide-ranging campaign against Kenya, which began in late 2019 and continued
until at least 2022.
The targeted entities included
the president's office, ministries of defence, information, health, land,
interior, and the counter-terrorism centre, among others. Reuters' attempts to
reach these government departments for comment were unsuccessful.
The motive for the attacks and the extent of the information compromised could not be conclusively determined. However, the defence contractor's report suggested that the breach of Kenya's National Intelligence Service (NIS) might have been aimed at gathering information about the country's debt management plans.
No comments:
Post a Comment