In the evolving cyber threat landscape, it’s important to constantly challenge biases. There are large pockets of important threat activity occurring in regions around the world that are less commonly addressed in Western threat research. While much attention has rightfully been drawn to Chinese threat actors targeting the West, the broader set of global activity supporting and promoting similar interests remains opaque. At a time of pervasive foreign activities aimed at cornering natural resources and co-opting the governance of less stable countries, what is happening across the vast African continent?
When contemplating where China might stand in the global arena in the next 5 to 10 years, it’s evident that there exists a considerable gap in the realm of cyber threat intelligence with regard to Africa as a whole, and more specifically how it ties into the long-term agenda of the People’s Republic of China (PRC). Africa, with its highly complex and dynamic environment, poses a unique challenge for accurately characterising its cyber threat landscape.
There’s an urgent need to acknowledge the importance of these frequently overlooked regions in the global threat landscape and take radical steps to close the gap in situational awareness.
SentinelLabs observes sustained tasking towards strategic intrusions by Chinese threat actors in Africa, designed to extend influence throughout the continent.
New attacks include those against telecommunication, finance and government, attributed to the BackdoorDiplomacy APT and the threat group orchestrating Operation Tainted Love.
China’s engagement in soft power diplomacy has a lengthy history, yet the use of strategic cyber intrusions highlights recent objectives and potential lasting impact in Africa.
To better manage the challenge of tracking state-aligned cyber activities in less monitored areas like Africa and Latin America, we are announcing the formation of the ‘Undermonitored Regions Working Group’. Launched at LABScon, this effort calls upon established security researchers to join analytic capabilities, combine telemetry, resources, and local expertise, and promote a unified approach to analysing cyber operations used to support soft power agendas in Africa and Latin America.
As we navigate the complexities of Chinese influence in Africa, the role of offensive cyber actions, and the broader implications of tech dominance, it becomes evident that this intricate web of geopolitics and cyber threats demands attention across the cybersecurity industry.