Kenya has been targeted by Chinese pirates government in widely for years series of digital intrusions against key ministries And state institutions, according to three sources, cybersecurity research Reuters own reports and analysis of Hacking technical data.
two of Sources assessed that the breaches were aimed at a minimum in part of the gain information on debt The East African country owes it to Beijing: Kenya is a strategic link in The Belt and Road Initiative – President Xi Jinping’s plan for a global infrastructure network.
More concessions may occur as a condition for Understanding upcoming repayment strategies becomes essential”, July 2021 research Report written by a defense contractor for private mention clients.
China’s foreign ministry said it “doesn’t know” of No such hacking, while the Chinese Embassy in Britain called the accusations “baseless,” adding that Beijing opposes and combats “cyber attacks and theft in all their forms.”
China’s influence in Africa grew rapidly over the past two decades. but, like Many African countries, Kenya’s finances are under strain due to growth cost of external service debt – a lot of It is a city of China.
the pirate campaign Shows China’s willingness to take advantage of espionage Capabilities to monitor and protect economic and strategic interests abroad of sources said.
Breakthroughs make up threeyear campaign that targeted eight of Kenya ministries And government departments, including the presidential one officeaccording to intelligence analyst in the region. the analyst also subscriber with Reuters research Documents that included the schedule of Attacks and goals and provided some technical data related to the compromise of A server used exclusively by Kenya main spy agency.
A Kenyan cybersecurity expert described similar hacking activity against Foreign and financial ministries. All three of The sources asked not to be identified due to the sensitivity nature of they work.
your claim of Hacking attempts by Chinese government entities are not uniqueKenyan Presidency office He said adding the government It has been targeted by “repeated infiltration attempts” from Chinese, American and European hackers.
“As much as we are concernedno one of “The attempts were successful,” she added.
It did not provide further details and did not respond to follow up Questions.
speaking for Chinese embassy in Britain said China against “Irresponsible moves that use Threads like Cyber security to sow discord in Relations between China and other developing countries countries. “
China is attached great importance to Africa debt issue It works intensely for help Africa is adapting with it,” the spokesperson said added.
Hacks
Between 2000 and 2020, China has allocated nearly $160 billion in Loans to African countries according to a comprehensive database on Chinese lending hosted from Boston University, a lot of He. She for Large scale infrastructure projects.
Kenya used over $9 billion in Chinese loans to finance a strong boost to build Or upgrade railways, ports and highways.
Beijing has become the country’s largest bilateral creditor and secured a solid foothold in The most important consumer in East Africa market A vital logistics center on Indian Ocean coast of Africa.
But by late 2019, when a Kenyan cybersecurity expert told Reuters he was brought in in by the Kenyan authorities to assess the penetration of At the government level, Chinese lending has been drying up up. and Kenya financial Strains were showing.
The breach, which was reviewed by a Kenyan cybersecurity expert, was initiated and attributed to China with “spearfishing” attack .in the end of The same yearwhen he is Kenyan government employee An infected document is inadvertently downloaded, allowing hackers to infiltrate a file network And access other agencies.
“a lot of documents from the ministry of It was foreign affairs stolen It is the finance department as well. The attacks appeared focused on the debt Kenyan cyber security expert said.
Another source – intelligence analyst a job in the region – said the Chinese pirates who took it out Long-term campaign against Kenya started in late 2019 and continued through at least 2022.
According to the documents he provided analystChinese cyber spies were subjected to office of The President of Kenya, its defense, information, health, land and home ministries, its counter-terrorism center and other institutions for continued and prolonged hacking activity.
affected government Departments did not respond to requests for comment and declined to be interviewed or not reachable.
By 2021, global The economic fallout from the COVID-19 pandemic already Help pay one The main Chinese borrower – Zambia – fell into default on external debt. Kenya managed to secure a temporary debt Postponement of payment from China.
In early July 2021, Cyber Security research Reports shared by intelligence analyst in the region Hinge how The hackers secretly accessed an email server used by Kenya’s National Intelligence Service (NIS).
Reuters was able to confirm That the victim’s IP address belongs to NIS. was the accident also Covered in report from private defense Contractor reviewed by Reuters.
Reuters could not say what information Taken during hacks or definitively identifying a motive for attacks. But the defense The contractor’s report stated that the breach in new Israeli shekels may have been aimed at collection information on how Kenya planned to manage debt payments.
Kenya currently Feeling of pressure of these debt Burdens…as many as possible of Projects financed by Chinese loans do not generate enough income to pay for themselves yet,” the report stated.
Reuters review of Internet records identifying the chinese digital espionage The activity showed that the server is being controlled by Chinese hackers also Access to the common kenyan government webmail service more Recently from December 2022 until this February year.
Chinese officials declined to comment on This latest breach, and the Kenyan authorities did not respond to a question about it.
Diplomacy
the defense Contractor indicating identical tools and techniques used in Other hacking campaigns identified Chinese state-linked hacking team As I got pregnant out the attack on Kenyan intelligence agency.
the group Known as “BackdoorDiplomacy” in Cyber security research communitybecause of that it record of In an effort to promote goals of Chinese diplomacy strategy.
According to Slovakia-based cybersecurity company ESET, BackdoorDiplomacy reuses malware software against to gain his victims access to their networks, making it possible to track their activities.
Provided by Reuters with IP address of NIS hackers Palo Alto Networks, an American cybersecurity company that tracks BackdoorDiplomacy activities, confirmed that they belong to a group, adding that their previous analysis shows the group sponsored by the Chinese state.
Cybersecurity researchers have documented BackdoorDiplomacy hacks targeting governments and organizations in number of countries in Asia and Europe.
Incursion into the Middle East and Africa appears less commonwhich makes focus and measurement of hacking activities in Kenya is particularly noteworthy, and defense said the contractor’s report.
“Obviously, this angle is a priority for the group. “
China Embassy in Britain refused any involvement in Penetration in Kenya, and they have not directly Address questions about a government relationship with Diplomacy.
China A main victim of Saber theft Strong attacks and defenders of A cyber security spokesperson said.