Twitter hack exposes Africa's cyber weaknesses

Mar 06, 2013 by Nicholas Przybyciel
Hackers have claimed the scalp of the South African Ministry of State Security's Twitter account, underlining concerns that Africa may be the soft underbelly of global cyber security.

Hackers have claimed the scalp of the South African Ministry of State Security's Twitter account, underlining concerns that Africa may be the soft underbelly of global cyber security.

As part of what was described as a large-scale attack spammers hijacked the @StateSecurityRS account to advertise a "miracle diet" before officials were able to change the password and regain control.

"Necessary security measures have been put in place to avert similar occurrences," State Security Spokesperson Brian Dube told AFP.

While many South African users of the social media network reacted with amusement, officials fear the next high profile attack on an African government will not be so harmless.

"It wouldn't be hard to shut down the government. There's very little in place, so even the most basic of attacks, in most cases, get through," said Craig Rosewarne, founder of the South African based consulting firm Wolfpack Information Risk.

With funding from the , Rosewarne's consulting group recently published a much-heralded threat analysis on the continent.

According to the report, most developing African nations have been either unwilling or unable to secure their rapidly expanding online networks and infrastructures.

South Africa is a particular source of frustration.

Rosewarne's analysis found that corruption is driving a proliferation of digital crimes throughout the country.

"We've delayed so much that other have actually overtaken us," he told AFP.

Over the past few years, hundreds of criminal syndicates have taken advantage of lax cyber security to launch relatively unsophisticated attacks, often using government or business insiders to exploit vulnerable networks.

It is estimated that cyber crimes resulted in 2.65 billion rand ($291 million) in damages and losses across South Africa in 2011, the last year reliable figures were published.

"While we're seeing a huge surge in financially motivated crimes, we're also seeing an upswing in hacktivism," Rosewarne said. "And that's where you'll get the scary guys – the guys that will go full out to make it happen."

The most ambitious of these homegrown hacking collectives is Team GhostShell.

Last year during its Project White Fox campaign, the group published 1.4 million hacked government and corporate documents from overseas institutions.

In October, the prolific hacker group Anonymous publicly distanced itself from GhostShell after the latter leaked the email addresses, passwords and identifications of 120,000 students from more than 100 universities worldwide.

With ANC leaders laying out a June deadline for adoption of the proposed "Secrecy Law," digital security experts worry the next few months could bring an onslaught of cyber attacks from GhostShell and its allies.

"The moment the proposed Secrecy Law is enacted, it's going to be a trigger to stir up and bring these collective partnerships together," said Rosewarne.

The African Union and the UN Economic Commission for Africa believe these hackers, along with their financially motivated counterparts, pose a dire threat to the continent's growth plan.

To help national governments combat this insurgency, they drafted a regional convention on cyber legislation that is awaiting sign-off from member countries.

"Without such protection, countries cannot take advantage of the digital economy in a sustainable way," said Aida Opoku-Mensah, director of UNECA.

"Consequently, the convention sends a strong political message that Africa is ready for the knowledge economy."

Even much-maligned South Africa is beginning to step up its efforts to thwart online crimes.

The country's director of cyber security announced that final plans for a national hub to combat online threats will be unveiled in July.

Meanwhile, a cohort of cyber inspectors are being trained to ferret out criminals – the first national efforts to train specialist law enforcement personnel since 2003.

"We've got capability, but it's fragmented," Rosewarne said. "We need a senior person to take the lead on this and to actually put in the necessary resources and look at the bigger picture and get things going in this country."

This lack of leadership has left local police dangerously ignorant of cyber security laws and the government has still has not implemented critical response teams that can respond to attacks.

Until all the pieces come together – Rosewarne believes this could take two years if fully prioritised – then South Africa, like most of the continent, will continue to lag behind other mature economies that have already constructed robust digital defences.

Explore further: Digital dilemma: How will US respond to Sony hack?

add to favorites email to friend print save as pdf

Related Stories

Cyber attack on Seoul's Unification Ministry

Aug 09, 2011

The South Korean ministry which handles relations with North Korea has been targeted by hackers in the latest of a series of online attacks on government and corporate websites, an official said Tuesday.

S. Korea to step up security against cyber attacks

May 24, 2011

South Korea said Tuesday it will step up IT security within the government to fend off cyber attacks from North Korea, which it has accused of mounting a series of strikes in recent years.

UK govt to announce new cyber security strategy

Nov 25, 2011

The government is set to announce new measures to tackle cyber crime on Friday as Britain's internet and electronic communications network comes under increased attack from hackers and foreign intelligence ...

Obama setting up better security for computers

May 29, 2009

(AP) -- America has for too long failed to adequately protect the security of its computer networks, President Barack Obama said Friday, announcing he will name a new cyber czar to take on the job.

Recommended for you

Digital dilemma: How will US respond to Sony hack?

2 hours ago

The detective work blaming North Korea for the Sony hacker break-in appears so far to be largely circumstantial, The Associated Press has learned. The dramatic conclusion of a Korean role is based on subtle ...

UN General Assembly OKs digital privacy resolution

5 hours ago

The U.N. General Assembly has approved a resolution demanding better digital privacy protections for people around the world, another response to Edward Snowden's revelations about U.S. government spying.

Online privacy to remain thorny issue: survey

6 hours ago

Online privacy will remain a thorny issue over the next decade, without a widely accepted system that balances user rights and personal data collection, a survey of experts showed Thursday.

Spain: Google News vanishes amid 'Google Tax' spat

Dec 16, 2014

Google on Tuesday followed through with a pledge to shut down Google News in Spain in reaction to a Spanish law requiring news publishers to receive payment for content even if they are willing to give it away.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.