In the digital age, hacktivism has emerged as a potent force that combines hacking techniques with activism, aiming to promote political, social, or ideological causes. While hacktivism can be a tool for positive change and raising awareness, it also raises ethical and legal concerns. The recent cyber-attack in Kenya serves as a compelling case study, shedding light on the dual nature of hacktivism and its impact on the nation’s digital landscape.

Positive Use Case: Hacktivism|#OccupyPlayground
Hacktivism has been channelled positively in Kenya on several occasions to bring about social change. Notably, the “#OccupyPlayGround” movement in 2015 exemplified hacktivism used for a noble cause. Concerned citizens, leveraging social media platforms, campaigned to preserve public school playgrounds amid threats of privatization. Their digital activism successfully raised awareness and mobilized protests, getting back a piece of land grabbed from a public school playground in Nairobi. The movement demonstrated the power of hacktivism in promoting the right to essential amenities for Kenyan children.

Destructive Use Case: Hacktivism| #OpAfrica
In a significant example of negative hacktivism in Kenya, the hacktivist group Anonymous executed a sophisticated cyber attack on the government by breaching the Foreign Ministry server and stealing a substantial amount of data, some of which was subsequently leaked on the Dark Web. The operation, known as OpAfrica, was initiated against child abuse, child labour, and corruption in African countries. The leaked data includes both confidential and non-confidential PDF and Docx files from the ministry server, encompassing email conversations, security-related communications, international trade agreements, and discussions on the security situation in Sudan. Anonymous also shared internal emails, revealing attempts to hack staff email IDs through phishing emails containing malicious links. This attack highlights the group’s determination to take a stand against corruption and other societal issues, leaving the Kenyan government grappling with the aftermath of the breach and its implications.

Case Study: The Anonymous Sudan Attack
Anonymous Sudan, a threat actor claiming to be politically motivated hackers from Sudan, initially garnered attention for their cyber-attacks on public and government organizations in Kenya. However, researchers from TrueSec refuted their claims of association with the global Anonymous online activism collective and their supposed Sudanese origins. Instead, the evidence points to Anonymous Sudan’s affiliation with a network of Russian hacktivist collectives, such as KillNet and UserSec, known for spreading pro-Kremlin propaganda and targeting Ukraine’s allies in the West. TrueSec’s investigation revealed several tell-tale signs, including the group’s use of the messaging app Telegram, widely favoured by Russian hackers. This exposure casts doubt on Anonymous Sudan’s proclaimed identity and sheds light on its real intentions in orchestrating cyber-attacks.

The recent cyber-attack on Kenya’s eCitizen platform proved to be a major disruption, affecting critical government services such as driver’s license issuance, passport applications, and visa processing. Despite some payment platforms being restored, the eCitizen platform remained down, leaving citizens unable to access essential services. The attack’s far-reaching impact extended across the economy, affecting visa processing and even hindering electricity bill payments through the M-Pesa App.

This incident raised concerns about the nation’s critical information infrastructure and cybersecurity measures. While Kenya strives to embrace e-governance and develop a digital super highway, the attack highlights the pressing need to fortify defences against cyber threats. As the nation endeavours to strengthen its cybersecurity capabilities, the identity of Anonymous Sudan and the motivations behind the attack continue to be subject to scrutiny and investigation.

For further information, please contact us at info@adili.africa