Website attacks raise questions about African data security

Hackers are increasingly hitting local government websites

An increase in hacking by online fraudsters targeting African governments and corporations is raising questions about the safety of the region's Internet infrastructure.

The hacking is calling into question the security of data held by governments in the region as they adopt e-governance strategies aimed at decentralizing operations and enhancing efficiency. Over the past year, the region has seen more incursions from hackers attempting to gain access to databases for personal information. In addition, some hackers target government websites in order to show their abhorrence of oppressive regimes.

Last week, the Zimbabwean, Kenyan and Tunisian governments' websites were hit by hackers who defaced the sites and prevented them from functioning efficiently.

Meanwhile, the Kenyan government is planning to build a data center to serve East and Central Africa in a bid to ease the region's reliance on Europe and the U.S. for data backup. The Rwandan government has also built a database center for the country's data storage that will provide data backup for other countries in the region.

After the attacks, Zimbabwean Minister of Information and Communication Technology (ICT) Nelson Chamisa said the country is now making efforts to tighten security on its government websites in order to prevent similar strikes. As in Kenya and Tunisia, the Zimbabwean government websites were hit by distributed denial-of-service (DDOS) attacks that rendered them unavailable.

At one point, a defaced Ministry of Finance website displayed a message posted by a group of hackers that identified itself as 'Anonymous.'

While the Zimbabwean government is still probing the matter, Chamisa said at a media briefing last week that cybersecurity is "now on the front burner of the Zimbabwean government's work program."

The attacks have forced the Zimbabwe attorney general to form a commission to investigate the WikiLeaks diplomatic cable revelations and to bring treason charges against anyone found to be colluding with foreign governments. The hackings in Zimbabwe came after the country's first lady sued a local newspaper for US$15 million for publishing a WikiLeaks cable that linked her to alleged trade in illicit diamonds.

The Anonymous hacker group said it had targeted President Robert Mugabe's administration for actions taken by government officials to suppress information about the thousands of secrets WikiLeaks released.

In 2009, the Zimbabwean website went offline and was replaced by an advertisement from Microsoft.

Kostja Reim, CEO of Security Risk Solution, said more than 80 percent of the region's websites are vulnerable to hackers. This is because the governments and institutions have not moved to upgrade information security systems to protect the sites from local and international hackers.

In 2008, the Kenyan government lost millions of dollars to Russian hackers when it attempted to send the money to Ukrainian arms dealers over an unsecured protocol.

Anonymous has announced they have started a recruitment exercise for hackers to take down government websites. As a result, Africa is expected to experience increased cyber-attacks this year unless governments move to upgrade information security systems to protect the sites. Botswana, Namibia and Uganda are some of the countries expected to be targeted by hackers for opposing WikiLeaks.

Join the CSO newsletter!

Error: Please check your email address.

Tags securityinternetgovernmentSecurity Risk Solution

More about 2CMicrosoft

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Michael Malakata

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place