At first glance, most African countries appear to have limited ability to prevent or respond to cyberattacks by state-sponsored hackers. African countries tend to have low cyber maturity and limited offensive and defensive cyber capabilities. Virtually everything relies on foreign stakeholders to provide critical information infrastructure and manage data using cloud technology. This limits sovereign control over electronic information generated by African citizens and makes the technology stacks of countries across the continent vulnerable to breaches. The African government and regional organizations have been the targets of well-known state-sponsored attacks, such as China’s espionage in the African Union and North Korea’s 2017 Wannacry Ransomware attack.

While few African states can compete with the world’s major cyber powers, the region is inherently not vulnerable to state-sponsored cyber threats. Like other regions, Africa faces its own set of opportunities and challenges in the cyber domain. For now, low levels of digitization limit exposure in many countries compared to the more connected, technology-dependent regions of the world. As Internet penetration grows, African countries can use established good practices, international partnerships, and regional cooperation to identify, prevent, and respond to state-sponsored cyber-spy activities and disruptions to critical infrastructure. ..

Benefits of late digitization

The decisive feature of cyber power is its asymmetry. The most digitized and networked state is the most vulnerable to cyber attacks because it relies most on information systems. From Russia’s attack on the Ukrainian power grid to suspected Iran’s cyberattack on Saudi Aramco, the most devastating state-sponsored cyberattacks are against nations with high Internet penetration and critical cyber-dependent infrastructure. was. In contrast, in most parts of Africa, the majority of the population still lacks basic Internet access. Many countries do not have the digitally vulnerable levels of electricity, water, transportation, and energy infrastructure found in more developed countries. This is a big issue from a development point of view. However, in cyber terms, it means that many African countries have a limited attack surface, reducing potential fallout from successful country-sponsored attacks.

In fact, states in the early stages of digital development can benefit from limited legacy ICT infrastructure by adopting well-established practices in building technology stacks, making cyber-mature countries a cyber-mature country. You can make a leap forward. Non-digitized countries refer to dependencies that include legacy code, old and integrated software architectures, third-party libraries, and vulnerabilities that are completely insecure or widely exploited, technically or security-wise. Don’t bother with what is known as your debt. For example, having few security obligations built into SCADA systems is a one-time opportunity to design and implement cybersecurity strategies and governance policies that enhance security from the beginning. New secure cloud infrastructure projects, such as the EU’s GAIA-X, offer African states and regional organizations the opportunity to learn from more digital national practices in building online services.

Many African states reflect substantial differences in infrastructure, technology adoption, and development. Nevertheless, the relative lack of infrastructure diversity and the predisposition to utility sector monopolies have created significant vulnerabilities in many countries and territories. Africa’s attack surface is dotted with a number of major single points of failure or critical national infrastructure that are not replicated or easily replaced by additional plants, equipment, or networks. .. For example, Escom is a utility that powers most of South Africa and most of South Africa. Failure of such a system as a result of a cyberattack can have significant public health, security, and economic implications not only in South Africa, but throughout the region. The severity of these systematic threats underscores the need to evolve cyber capabilities across continents.

International cooperation and involvement

Many African states are partially vulnerable because they rely on a limited number of partners to build their technology stacks. For example, 70% of Africa’s 4G base stations are manufactured by one Chinese company, Huawei, which is poised to dominate the 5G market. This is a serious problem. It could control critical information infrastructure to an external power source, shutting down that infrastructure in theory, or introducing exploits and other vulnerabilities that are difficult to detect throughout the supply chain. African countries rely on the diverse slate of foreign technology suppliers to secure data center colocation, rather than relying on a single foreign partner to provide critical end-to-end information infrastructure. , Need to support local innovation. This reduces reliance on a single system or supplier and enables African governments to leverage their partners as they seek to develop regional capabilities and build threat detection, monitoring, and response capabilities.

Some African countries are actively pursuing what analysts call a partner diversification strategy when building a technology stack. In South Africa, where the ICT sector is mature, there is considerable product and partner diversity. Ethiopia initially developed most of its telecommunications infrastructure with the support of Chinese companies, but recently granted a major telecommunications license to a US-backed consortium led by Kenya-based Safaricom. The inclusion of Safaricom reflects the growing trend of African countries choosing to invest and support the growth of African technology partners.

The strategic use of partnerships to develop regional capabilities helps African stakeholders identify, respond to and recover from cases of security breaches sponsored by the most widely known states on the continent to date. It played an important role in helping. In 2018, it was revealed that China broke the IT system of the African Union headquarters and abused the infrastructure that helped build it to access sensitive servers and information systems. Analysts who write about breaches usually interpret the case as a sign of Africa’s vulnerability to foreign cyber impacts. However, the incident also shows that the development of regional threat detection capabilities and partner diversification strategies could make state-sponsored cyber-spy activities more difficult. In fact, African IT engineers first realized that AU was at risk and took steps to mitigate the threat by replacing the server and hardware. They were overturned by a Japanese security researcher for a second breach.

African countries can benefit from enhanced regional cooperation to further mitigate the threat of state-sponsored cyberattacks. Compared to the rest of the world, the African Continent has a well-developed regional security architecture and is a strong representative of major global institutions such as the United Nations. African countries need to develop and adopt a Common African Position (CAP) on some aspects of state-sponsored cyber threats. For example, virtually all African countries are interested in preventing civilian casualties from military cyber operations and monitoring, sharing, and stopping cyberattacks on critical infrastructure. For other important but politically problematic issues such as data sovereignty and accountability to social media operators, African countries should strive to increase representatives and participation in leading innovative countries and sort leaders. is. This will strengthen continental collaboration with African institutions in forums such as the United Nations Expert Group on Responsible National Action in Cyberspace, the International Telecommunication Union, and the Open End Working Group.

African officials are increasingly prioritizing cybersecurity at the continental and regional levels. The African Union has been identified as part of Agenda 2063 for Transforming Africa as an important priority to ensure that new technologies are used for the benefit of African individuals, institutions and nation-states. Provides cyber security. Based on information from experts, AU will work with the Regional Economic Communities to lead the continent’s cybersecurity agenda, adopt region-wide cybersecurity strategies, drive benchmarking standards and practices, and data privacy. Coordinating Member States’ approaches to cyber incident response. .. As recently proposed by the South African Institute for International Affairs, regional cybersecurity agencies have the potential to develop further, including through the establishment of agencies similar to the European Union Agency for Cybersecurity. Due to its more formal relationship with the local security architecture, Africa-CERT has the potential to become a platform for such institutions.

Take advantage of important turning points

Many African countries are at a turning point on the road to cyber maturity. As the Internet penetration rate increases rapidly, so does the vulnerabilities to state-sponsored cyber attacks and the urgency of building robust cyber security features.

Fortunately, African countries are at risk, but they do not have their own vulnerabilities. The relatively slow digitization of the continent provides the opportunity to adopt trial and error practices and standards and select a reliable supplier. Powerful regional agencies are a source of undervalued resilience and, when properly used, can help African countries overcome their relative lack of capacity and reliance on foreign technology. I will. If continental leaders are willing to prioritize cybersecurity, African states may find themselves in a strong position to monitor, deter, and disrupt malicious state behavior in cyberspace. There is.

Nathaniel Allen is an assistant professor at the Center for African Strategic Studies at the University of Defense and a term member of the Council for Foreign Relations. Nollevander Waag-Cowling is a lecturer in the Faculty of Strategic Studies at Stellenbosch University and she is a cyber program at the Institute for Governance and Leadership (SIGLA) in Stellenbosch Africa.

