Tag Archive for: AU

Suspected Chinese hackers stole camera footage from African Union

/0 Comments/in , , /by

Source: Reuters | Raphael Satter

WASHINGTON (Reuters) – As diplomats gathered at the African Union’s headquarters earlier this year to prepare for its annual leaders’ summit, employees of the international organization made a disturbing discovery.

Someone was stealing footage from their own security cameras.

Acting on a tip from Japanese cyber researchers, the African Union’s (AU) technology staffers discovered that a group of suspected Chinese hackers had rigged a cluster of servers in the basement of an administrative annex to quietly siphon surveillance videos from across the AU’s sprawling campus in Addis Ababa, Ethiopia’s capital.

The security breach was carried out by a Chinese hacking group nicknamed “Bronze President,” according to a five-page internal memo reviewed by Reuters. It said the affected cameras covered “AU offices, parking areas, corridors, and meeting rooms.”

“We cannot estimate the quantity and value of the data which have been stolen,” the memo continued, adding that while AU technicians had managed to interrupt the flow of data, the hackers could easily regain the upper hand.

“We are still weak to prevent another attack,” the memo said.

The alert, drafted in late January and circulated to senior officials, provides a glimpse of how world powers are jockeying for influence and visibility at the continent’s paramount pan-African organization. Some American and European officials have voiced concern as Beijing has stepped in to meet the AU’s needs – part of an Africa-wide shift that has seen China become the continent’s top creditor. Chinese workers built the AU’s showpiece new conference center in 2012 and Chinese technicians still help maintain the organization’s digital infrastructure.

The Chinese mission to the AU said in an email that “the AU side has not mentioned being hacked on any occasion” and that Africa and China are “good friends, partners and brothers.”

“We never interfere in Africa’s internal affairs and wouldn’t do anything that harms the interests of the African side,” the email said.

Repeated messages sent to AU spokesperson Ebba Kalondo asking about the January breach were marked as “read” but went unanswered.

Longstanding doubts over Beijing’s role at the AU spilled into the open in 2018, when French newspaper Le Monde reported here that AU employees had found that the servers at the new conference center were sending copies of their contents to Shanghai every night and that the building itself had been honeycombed with listening devices.

Both the AU and the Chinese government vehemently denied the report at the time, but a former AU official told Reuters the article in Le Monde was accurate and had put officials there on high alert over cyberespionage.

The former official said the latest breach was discovered following a tip from Japan’s Computer Emergency Response Team (CERT), which in a Jan. 17 email alerted AU officials to unusual traffic between the international organization’s network and a domain associated with Bronze President.

Koichiro Komiyama, who directs the global coordination division of Japan’s CERT, confirmed to Reuters that he sent the warning after a fellow researcher discovered the malicious traffic while picking through the hacking group’s old infrastructure.

The AU memo said that, within days of Komiyama’s email, the AU’s information technology team had traced the suspicious traffic to a set of servers in the basement of the organization’s Building C – part of an older complex across the road from the new conference center.

The memo said the hackers were able to siphon off “a huge volume of traffic” from the servers by hiding it in the regular flow of data leaving the AU’s network during business hours, even pausing their data theft during lunch.

Secureworks, an arm of Dell Technologies Inc which has been tracking Bronze President since 2018, confirmed that the malicious domain identified by Japan’s CERT was linked to the hackers.

Secureworks researcher Mark Osborn said his company had seen strong evidence that Bronze President operated from China, adding that it had been detected in several espionage campaigns targeting China’s neighbors, including Mongolia and India.

Any official protest over the spying is unlikely, according to the former AU official. He said China plays a critical role in keeping the organization running, including during an incident in June when part of the AU’s network was knocked out by a power failure and Chinese technicians swiftly repaired the damage.

For that reason, the former official expects that the surveillance camera incident – like the listening devices reported in 2018 – would be swept under the rug.

“Attacking the Chinese, for us, it’s a very bad idea,” he said.

 

Reporting by Raphael Satter; editing by Jonathan Weber and Edward Tobin

China Has Been Spying on the African Union Headquarters

/0 Comments/in , , /by

Beijing has gone out of its way to gain information on African leaders in order to compel and coerce them into supporting China’s international goals.

Source: National Interest | Joshua Meservey

Last week, a report emerged that hackers, probably from China, had been filching security camera footage from inside the African Union headquarters building in Ethiopia. Several years ago, AU technicians discovered that the building’s Huawei-provided servers were daily exporting their data to Shanghai, and that the walls of the Chinese-built headquarters were peppered with listening devices.

It is a strange way for Beijing to treat a continent whose rulers have emerged as key backers of its international agenda. Yet the Chinese government’s spying, which almost certainly extends far beyond the African Union headquarters, may in fact be one of the reasons why African rulers are willing to defend Beijing’s increasingly indefensible actions.

Beijing’s opportunities for eavesdropping in Africa are vast. Chinese companies—many of which are state-owned, all of which are legally obliged to cooperate with the Chinese Communist Party on intelligence matters—have built at least 186 government buildings in Africa, including presidential residences, ministries of foreign affairs, and parliament buildings. Huawei has built more than 70 percent of the continent’s 4G networks and at least fourteen intra-governmental ICT networks, including a data center in Zambia that houses the entirety of the government’s records.

The report—now confirmed by two other media outlets—that broke the original story of the Chinese government’s AU spying demonstrates what Beijing can do with a structure one of its company builds. The AU’s compromised ICT system was also provided by Huawei, whose equipment is often swiss chees-ed with security vulnerabilities that make them easily exploitable. Given Huawei’s links to China’s Ministry of State Security, it beggars belief that Beijing lacks anything less than an excellent idea of how to access those backdoors.

Beijing has many reasons to take advantage of the spying opportunities its companies’ activities in Africa provides. It can eavesdrop on the sensitive conversations they have with their non-African counterparts, and the Chinese government might be able to gather useful economic information it can pass to its many companies operating on the continent.

Yet as the Chinese government becomes more aggressive internationally, it likely increasingly values the information it gathers in Africa for its use in maintaining and expanding African decisionmakers’ support for Beijing’s global agenda. African states are consistent apologists for the Chinese regime’s oppression of its ethnic and religious minorities, vote frequently with Beijing at the United Nations (often in opposition to the United States), and usually back Chinese candidates vying for leadership of important international agencies.

Recent bombshell revelations demonstrate Beijing’s commitment to influencing foreign leaders. A Chinese spy named Christine Fang spent years developing personal ties with local politicians primarily from California. Fang arranged donations for, and even managed to place at least one intern with, U.S. Rep. Eric Swalwell, who is now a current member of the sensitive House Intelligence Committee (Swalwell cut ties with Fang after receiving an FBI briefing about her spying).

In early December, Director of National Intelligence John Ratcliffe wrote of a Chinese influence campaign aimed at “several dozen“ Congressmen and Congressional aides. China, in fact, targets Congress six times more frequently than does Russia, according to Ratcliffe. Meanwhile, a branch of the Chinese Communist Party known as the International Department, which is responsible for cultivating sympathy for the CCP with foreign politicians, claims to have ties with over 600 political groups in more than 160 countries.

African leaders, of course, do not need to be persuaded to accommodate China on certain issues. Many of their countries face a massive infrastructure gap, and Beijing is often happy to open its wallet for infrastructure projects. Affordable Chinese products, especially tech such as smartphones, are popular on the continent as well.

Yet the Chinese government spends a lot of time and energy trying to influence African leaders to support Beijing’s agenda at a level beyond what simple concern for their countries’ national interests would prompt. These charm campaigns include everything from bribery to throwing up flashy infrastructure projects during election times to lavishing “no-strings-attached” aid on rulers to feed their patronage networks.

The information that Beijing appears to be hoovering up daily is of obvious use for those kinds of influence operations. It could offer insights into an official’s habits, personality, and proclivities that would help Beijing effectively cajole or coerce him or her. A key element of Christina Fang’s approach was to get as close as possible to her targets; electronic surveillance access to a target’s most sensitive haunts would offer the sort of extensive surveillance a human spy could only dream of.

China has built access to African leaders that will be impossible to roll back in the immediate term. Washington, however, can begin building a response that is as patient and far-seeing as China’s strategy has been. One element of that must be complicating what is currently Beijing’s almost unfettered surveillance access to Africa.

Joshua Meservey is a Senior Policy Analyst specializing in Africa and the Middle East at The Heritage Foundation.