African Union HQ Building Bugged

Uploaded on 2018-03-22 in NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW

A number of African leaders have turned to Chinese investment as a viable alternative to Western development aid. The recent allegations of Chinese cyber-espionage of the African Union’s headquarters might prompt them to reconsider.

Earlier this year, Le Monde reported that confidential data on the IT network of the Chinese-built African Union headquarters in Ethiopia was being siphoned off to Shanghai every night between 2012 and 2017.

Despite denials from China and the African Union, the alleged espionage is worth analysing as it highlights Africa’s geopolitical importance to China and endangers Beijing’s preferred narrative of benevolent relations with African states. Moving forward, African leaders will face a more complex calculus when approaching the West and China with respect to tech issues.

Although this sort of Spycraft is fairly routine, it signals Africa’s growing strategic importance to China. In a world of finite resources, states spy on states that matter to them. China seems to have calculated that the hard power benefits of accessing internal AU data to gain the upper hand in negotiations with African leaders outweighed the soft power benefits that came with building them a headquarters.

For their part, a number of African leaders have turned to Chinese investment as a viable alternative to Western development aid. Beijing has invested millions of dollars in infrastructure across the continent, trades heavily with the continent, and opened its first overseas military base in Djibouti.

African leaders, including Uganda’s Yoweri Museveni, have decried Western actors as “conceited, full of themselves, ignorant of our conditions, and they make other people’s business their business, while the Chinese just deal with you as one who represents your country.”

China’s alleged espionage takes it from benevolent business partner to potential political meddler, adding a dimension of realpolitik to the relationship.

What Can African States Do?

According to Le Monde, the African Union kept the Chinese surveillance secret for a year after discovering it, suggesting that African leaders believed such information, if public, could have explosive consequences for their relationship with China. Africa’s hesitation to disclose this incursion demonstrates just how much influence Chinese strategic ambitions have over choices African actors make.

What can AU members do? African states have historically found ways to push back against powerful outside influences, despite continued power imbalances. Cold War geopolitics allowed African states play Soviet and Western interests off of each other, giving them more “space” to operate.

For instances, they used aid and trade deals from one region to negotiate better deals with another. They also strategically granted military privileges to one side or the other as a negotiating tactic.

The African strategic toolkit shifted with the post-Cold War ascendancy of the West. African states began to use rules, a central element of Western global politics, as a mode of resistance.

All but three African members of the International Telecommunication Union that attended an important 2012 conference endorsed changes to a telecom treaty known as the International Telecommunications Regulations.

China also endorsed these changes, while the United States did not.

African states have also been reticent to accede to the Council of Europe’s Convention on Cybercrime, largely on the grounds that they had no role in drafting it.

Instead, African states developed their own rival set of rules in the African Union Convention on Cybersecurity and Personal Data Protection, underscoring their resistance.

Resistance through rules probably will not help African states deter Chinese cyber espionage. International law is generally silent on espionage, so playing one set of rules off of another would do little to deter it. Instead, African states could return to playing one region’s interests off of another to gain strategic space to maneuver. African states will not be able to stop Chinese espionage.

But, African states could respond to this allegation of Chinese espionage by, for example, indicating greater openness to Western partners. This incident also opens possibilities for the West to re-engage with African countries and offer itself as a more appealing partner to African states to balance China’s influence.

So far, however, African states have failed to deal with China in response to the bugging in a manner that bolsters their autonomy. Eight days after news of the Chinese espionage broke, the African Union joined Chinese denials. The AU chairman appeared in Beijing with the Chinese foreign minister calling the allegations “all lies” while the Chinese foreign minister added that the allegation was a Western attempt to divide China and Africa.

The African Union’s failure to address China’s behavior demonstrates just how dramatically China’s influence has narrowed African strategic choices. African states have failed to counterbalance China’s interests by buying the party line.

If this behavior continues, African autonomy will take a real hit. The original Le Monde report quotes AU officials rationalising the Chinese behavior, ‘at least they never colonised us.’

This may be true, but China does not have to colonise Africa to affect its destiny on Chinese rather than African terms.

DefenseOne

You Might Also Read: 

Chinese Hacker Groups Shift Focus To India:

In S.Africa The Cybersecurity Skills Gap Is A Chasm:

 
« Cybersecurity At Sea
Cybercrime Costs Londoners £26m Every Month »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Certification Europe

Certification Europe

Certification Europe (now Amtivo Ireland) is an accredited certification body which provides ISO management system certification, including ISO 27001.

Cyber Together

Cyber Together

Cyber Together is dedicated to advancing the cyber security industry by giving businesses access to Israel’s leaders, innovators and great minds in the field of cyber security.

Ambersail

Ambersail

Ambersail provide Penetration Testing and Cyber Security Compliance services.

CERT.LV

CERT.LV

CERT.LV is the national Computer Emergency Response Team for Latvia.

Deltagon

Deltagon

Deltagon develops information security solutions to protect companies’ confidential information in e-communication and e-services.

DFLabs

DFLabs

DFlabs is a pioneer in Security Automation & Orchestration technology, leveraging your existing security products to dramatically reduce the response and remediation gap.

Venkon

Venkon

Venkon provides effective and unique solutions to cyber-security threats and IT compliance requirements of your organization.

Capital Network Solutions

Capital Network Solutions

Capital Network Solutions are a highly accredited managed IT services and consultancy provider, specialising in cyber security, infrastructure and communications.

Mission Critical Partners (MCP)

Mission Critical Partners (MCP)

Mission Critical Partners is committed to delivering innovative solutions that help our clients enhance and evolve their critical-communications systems and operations.

Cyera

Cyera

Cyera is the data security company that gives businesses context and control over their most valuable asset: data.

Tarlogic

Tarlogic

Tarlogic works to protect and defend your security with the highest quality technical team with next generation solutions to achieve the best protection.

ThrottleNet

ThrottleNet

ThrottleNet provides world-class managed IT services and cybersecurity to organizations in St. Louis and throughout Missouri.

Cyber Security Council UAE

Cyber Security Council UAE

The Cyber Security Council's vision is to protect UAE cyberspace, maintain confidence in our digital infrastructure and institutions, and build a cyber-resilient society.

Prikus Tech

Prikus Tech

Prikus is a full-fledged Cyber Security Company helping organizations worldwide to manage cyber risks. We offer Risk & Compliance Services, Security Testing & Managed Security Services.

SafeAeon

SafeAeon

SafeAeon is a leading Cybersecurity-as-a-Service provider, offering 24x7 premium Managed Security Services with AI-powered and Human-driven 24x7 SOC.

IBN Technologies

IBN Technologies

IBN Technologies offerings include customized, high-end Cloud Managed Services and Cyber Security Solutions tailored to companies with critical Internet components.