African Union HQ Building Bugged

Uploaded on 2018-03-22 in NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW

A number of African leaders have turned to Chinese investment as a viable alternative to Western development aid. The recent allegations of Chinese cyber-espionage of the African Union’s headquarters might prompt them to reconsider.

Earlier this year, Le Monde reported that confidential data on the IT network of the Chinese-built African Union headquarters in Ethiopia was being siphoned off to Shanghai every night between 2012 and 2017.

Despite denials from China and the African Union, the alleged espionage is worth analysing as it highlights Africa’s geopolitical importance to China and endangers Beijing’s preferred narrative of benevolent relations with African states. Moving forward, African leaders will face a more complex calculus when approaching the West and China with respect to tech issues.

Although this sort of Spycraft is fairly routine, it signals Africa’s growing strategic importance to China. In a world of finite resources, states spy on states that matter to them. China seems to have calculated that the hard power benefits of accessing internal AU data to gain the upper hand in negotiations with African leaders outweighed the soft power benefits that came with building them a headquarters.

For their part, a number of African leaders have turned to Chinese investment as a viable alternative to Western development aid. Beijing has invested millions of dollars in infrastructure across the continent, trades heavily with the continent, and opened its first overseas military base in Djibouti.

African leaders, including Uganda’s Yoweri Museveni, have decried Western actors as “conceited, full of themselves, ignorant of our conditions, and they make other people’s business their business, while the Chinese just deal with you as one who represents your country.”

China’s alleged espionage takes it from benevolent business partner to potential political meddler, adding a dimension of realpolitik to the relationship.

What Can African States Do?

According to Le Monde, the African Union kept the Chinese surveillance secret for a year after discovering it, suggesting that African leaders believed such information, if public, could have explosive consequences for their relationship with China. Africa’s hesitation to disclose this incursion demonstrates just how much influence Chinese strategic ambitions have over choices African actors make.

What can AU members do? African states have historically found ways to push back against powerful outside influences, despite continued power imbalances. Cold War geopolitics allowed African states play Soviet and Western interests off of each other, giving them more “space” to operate.

For instances, they used aid and trade deals from one region to negotiate better deals with another. They also strategically granted military privileges to one side or the other as a negotiating tactic.

The African strategic toolkit shifted with the post-Cold War ascendancy of the West. African states began to use rules, a central element of Western global politics, as a mode of resistance.

All but three African members of the International Telecommunication Union that attended an important 2012 conference endorsed changes to a telecom treaty known as the International Telecommunications Regulations.

China also endorsed these changes, while the United States did not.

African states have also been reticent to accede to the Council of Europe’s Convention on Cybercrime, largely on the grounds that they had no role in drafting it.

Instead, African states developed their own rival set of rules in the African Union Convention on Cybersecurity and Personal Data Protection, underscoring their resistance.

Resistance through rules probably will not help African states deter Chinese cyber espionage. International law is generally silent on espionage, so playing one set of rules off of another would do little to deter it. Instead, African states could return to playing one region’s interests off of another to gain strategic space to maneuver. African states will not be able to stop Chinese espionage.

But, African states could respond to this allegation of Chinese espionage by, for example, indicating greater openness to Western partners. This incident also opens possibilities for the West to re-engage with African countries and offer itself as a more appealing partner to African states to balance China’s influence.

So far, however, African states have failed to deal with China in response to the bugging in a manner that bolsters their autonomy. Eight days after news of the Chinese espionage broke, the African Union joined Chinese denials. The AU chairman appeared in Beijing with the Chinese foreign minister calling the allegations “all lies” while the Chinese foreign minister added that the allegation was a Western attempt to divide China and Africa.

The African Union’s failure to address China’s behavior demonstrates just how dramatically China’s influence has narrowed African strategic choices. African states have failed to counterbalance China’s interests by buying the party line.

If this behavior continues, African autonomy will take a real hit. The original Le Monde report quotes AU officials rationalising the Chinese behavior, ‘at least they never colonised us.’

This may be true, but China does not have to colonise Africa to affect its destiny on Chinese rather than African terms.

DefenseOne

You Might Also Read: 

Chinese Hacker Groups Shift Focus To India:

In S.Africa The Cybersecurity Skills Gap Is A Chasm:

 
« Cybersecurity At Sea
Cybercrime Costs Londoners £26m Every Month »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Superscript

Superscript

Superscript (formerly Digital Risks) is an insurance broker for small businesses, sole-traders, landlords and high-growth tech firms. Our services include Cyber Liability insurance.

International Association for Cryptologic Research (IACR)

International Association for Cryptologic Research (IACR)

(IACR is a non-profit scientific organization whose purpose is to further research in cryptology and related fields.

K&D Insurance Brokers

K&D Insurance Brokers

K&D provide insurance for all sectors of industry and commerce including cyber risk cover.

Giesecke+Devrient (G+D)

Giesecke+Devrient (G+D)

Giesecke+Devrient develop security technologies in four major areas: enabling secure payment, providing trusted connectivity, safeguarding identities and protecting digital infrastructures.

Exida

Exida

Exida is a leading product certification and knowledge company specializing in industrial automation system safety, security, and availability.

Hitachi Systems Security

Hitachi Systems Security

Hitachi Systems Security provides customized services for monitoring and protecting the most critical and sensitive IT assets in our clients’ infrastructures 24/7.

National Cyber Security Center (NCSC) - Hungary

National Cyber Security Center (NCSC) - Hungary

The National Cyber Security Center was established in 2015 by uniting the GovCERT-Hungary, National Electronic Information Security Authority (NEISA) and the Cyber Defence Management Authority (CDMA).

Ericom Software

Ericom Software

Ericom is a global leader in securing and connecting the digital workspace, offering solutions that secure browsing, and optimize desktop and application delivery to any device, anywhere.

DarkOwl

DarkOwl

DarkOwl provides the world’s largest index of darknet content and the tools to efficiently find leaked or otherwise compromised sensitive data.

Security Alliance

Security Alliance

Security Alliance provide bespoke cyber intelligence consulting and research services.

Def-Logix

Def-Logix

Def-Logix was founded in 2008 to help solve cyber threats being experienced by government agencies of the United States.

Focus Digitech

Focus Digitech

Focus Digitech helps you with your digital transformation journey with our main core offerings of Cloud, Cybersecurity, Analytics and DevOps.

Privasee

Privasee

Make GDPR compliance simple with Privasee. Our software makes it easy to protect your data and ensure you’re compliant with the new regulations.

Netcraft

Netcraft

Netcraft is a global leader in cybercrime detection and disruption, combining cutting-edge technology with decades of experience to protect organizations of all sizes from digital threats and attacks.

Foghorn Consulting

Foghorn Consulting

Foghorn can analyze your cloud to enhance performance and security, while reducing costs. Based on AWS’ 6 Pillars, our AWS WAFR Certified Engineers Will Identify Areas of Improvement.

Cyber Qubits

Cyber Qubits

Cyber Qubits is a cybersecurity training and consulting company focused on developing the next generation of cybersecurity professionals.