Twitter hack exposes Africa's cyber weaknesses

Mar 06, 2013 by Nicholas Przybyciel
Hackers have claimed the scalp of the South African Ministry of State Security's Twitter account, underlining concerns that Africa may be the soft underbelly of global cyber security.

Hackers have claimed the scalp of the South African Ministry of State Security's Twitter account, underlining concerns that Africa may be the soft underbelly of global cyber security.

As part of what was described as a large-scale attack spammers hijacked the @StateSecurityRS account to advertise a "miracle diet" before officials were able to change the password and regain control.

"Necessary security measures have been put in place to avert similar occurrences," State Security Spokesperson Brian Dube told AFP.

While many South African users of the social media network reacted with amusement, officials fear the next high profile attack on an African government will not be so harmless.

"It wouldn't be hard to shut down the government. There's very little in place, so even the most basic of attacks, in most cases, get through," said Craig Rosewarne, founder of the South African based consulting firm Wolfpack Information Risk.

With funding from the , Rosewarne's consulting group recently published a much-heralded threat analysis on the continent.

According to the report, most developing African nations have been either unwilling or unable to secure their rapidly expanding online networks and infrastructures.

South Africa is a particular source of frustration.

Rosewarne's analysis found that corruption is driving a proliferation of digital crimes throughout the country.

"We've delayed so much that other have actually overtaken us," he told AFP.

Over the past few years, hundreds of criminal syndicates have taken advantage of lax cyber security to launch relatively unsophisticated attacks, often using government or business insiders to exploit vulnerable networks.

It is estimated that cyber crimes resulted in 2.65 billion rand ($291 million) in damages and losses across South Africa in 2011, the last year reliable figures were published.

"While we're seeing a huge surge in financially motivated crimes, we're also seeing an upswing in hacktivism," Rosewarne said. "And that's where you'll get the scary guys – the guys that will go full out to make it happen."

The most ambitious of these homegrown hacking collectives is Team GhostShell.

Last year during its Project White Fox campaign, the group published 1.4 million hacked government and corporate documents from overseas institutions.

In October, the prolific hacker group Anonymous publicly distanced itself from GhostShell after the latter leaked the email addresses, passwords and identifications of 120,000 students from more than 100 universities worldwide.

With ANC leaders laying out a June deadline for adoption of the proposed "Secrecy Law," digital security experts worry the next few months could bring an onslaught of cyber attacks from GhostShell and its allies.

"The moment the proposed Secrecy Law is enacted, it's going to be a trigger to stir up and bring these collective partnerships together," said Rosewarne.

The African Union and the UN Economic Commission for Africa believe these hackers, along with their financially motivated counterparts, pose a dire threat to the continent's growth plan.

To help national governments combat this insurgency, they drafted a regional convention on cyber legislation that is awaiting sign-off from member countries.

"Without such protection, countries cannot take advantage of the digital economy in a sustainable way," said Aida Opoku-Mensah, director of UNECA.

"Consequently, the convention sends a strong political message that Africa is ready for the knowledge economy."

Even much-maligned South Africa is beginning to step up its efforts to thwart online crimes.

The country's director of cyber security announced that final plans for a national hub to combat online threats will be unveiled in July.

Meanwhile, a cohort of cyber inspectors are being trained to ferret out criminals – the first national efforts to train specialist law enforcement personnel since 2003.

"We've got capability, but it's fragmented," Rosewarne said. "We need a senior person to take the lead on this and to actually put in the necessary resources and look at the bigger picture and get things going in this country."

This lack of leadership has left local police dangerously ignorant of cyber security laws and the government has still has not implemented critical response teams that can respond to attacks.

Until all the pieces come together – Rosewarne believes this could take two years if fully prioritised – then South Africa, like most of the continent, will continue to lag behind other mature economies that have already constructed robust digital defences.

Explore further: Google Baseline Study aims to define what a healthy human looks like

add to favorites email to friend print save as pdf

Related Stories

Cyber attack on Seoul's Unification Ministry

Aug 09, 2011

The South Korean ministry which handles relations with North Korea has been targeted by hackers in the latest of a series of online attacks on government and corporate websites, an official said Tuesday.

S. Korea to step up security against cyber attacks

May 24, 2011

South Korea said Tuesday it will step up IT security within the government to fend off cyber attacks from North Korea, which it has accused of mounting a series of strikes in recent years.

UK govt to announce new cyber security strategy

Nov 25, 2011

The government is set to announce new measures to tackle cyber crime on Friday as Britain's internet and electronic communications network comes under increased attack from hackers and foreign intelligence ...

Obama setting up better security for computers

May 29, 2009

(AP) -- America has for too long failed to adequately protect the security of its computer networks, President Barack Obama said Friday, announcing he will name a new cyber czar to take on the job.

Recommended for you

Scalping can raise ticket prices

16 hours ago

Scalping gets a bad rap. For years, artists and concert promoters have stigmatized ticket resale as a practice that unfairly hurts their own sales and forces fans to pay exorbitant prices for tickets to sold-out concerts. ...

Study shows role of media in sharing life events

Jul 24, 2014

To share is human. And the means to share personal news—good and bad—have exploded over the last decade, particularly social media and texting. But until now, all research about what is known as "social sharing," or the ...

User comments : 0