South African Prisoners' Internet Access Debate; Twitter's Struggle With False Info on Sudan Conflict; Who is Anonymous Sudan?

...and More Infosec Stories Across Africa

CybAfriqué is a weekly newsletter covering news and analysis on cyber, data, and information security on the African continent.

South Africa’s Dilemma on if Prisoners Should Have Unrestricted Internet Access.

South Africa has been facing a dilemma on allowing prisoners unrestricted access to the internet for the past couple of years. Presently, the country permits limited and closely monitored access to the internet for prisoners for educational purposes. Inmates are reportedly required to be registered for education, undergo an orientation program, and are trained on responsible use of electronic devices, cyber safety, and information security. This program has helped prisoners acquire education and digital skills, and learning especially boomed during the pandemic when e-learning materials were made more widely available.

However, since 2018, there have been at least two hearings that ruled in favor of allowing inmates even more access to electronic devices and the internet in their respective wards. The judges cited that as the correctional system moves from a punishment-centric approach to a rehabilitation-focused one, inmates should have access to all the materials they need to become better individuals.

If approved, inmates would have access to pre-approved devices connected to monitored prison internet networks. However, the country's department of justice and correctional services is appealing against this ruling, citing that it could pose a significant security threat. They argue that inmates could smuggle in their own internet or bypass censorship, communicate with other criminals, and plan crimes.

Even with the current monitoring in place, a convicted rapist and murderer Thabo Bester managed to run a scam and even appeared on a video call from prison using a device given to him for educational purposes.

Twitter is Failing to Check False/Manipulated Information on Sudan Conflict

Twitter has been performing poorly in verifying the accuracy of information related to the conflict in Sudan. Recently, a Twitter account claiming to be the Rapid Support Force (RSF), one of the warring parties in South Sudan, got a blue verification bagde and falsely reported the death of its leader, Mohamed Hamdan Daglo. The tweet was not removed by Twitter until after receiving over 1.7 million views. 

Additionally, several unrelated and doctored images have been posted in relation to the Sudan conflict, many of which have garnered significant attention. For example, this tweet by an account with a blue verification badge that contains images that fact-checkers have found to be false and manipulated has not yet been taken down and has received over 260,000 views as of this writing. 

As both conflicting parties in Sudan use Twitter to spread disinformation and gather manipulated impressions, it has become a battleground for information warfare. 

However, Twitter is also being used by civilians to crowdsource help and safety where/when aid groups are unable to reach them.

Who is Anonymous Sudan?

Anonymous Sudan is a hacking group that carries out religion-motivated attacks and claims to originate from Sudan. However, there are suspicions that it may be part of a Russian information operation. 

The group has recently made headlines by carrying out multiple cyberattacks on various Israeli entities and infrastructure. These attacks include targeting the websites of two ports, the Israeli postal service, bank websites, telecom websites, a huge chunk of the power sector, and the national insurance institute website. One of the most noteworthy feats of Anonymous Sudan was their publishing of over 200,000 records gotten from the series of attacks, and a brief takeover of the Facebook account of Israel's Prime Minister, Benjamin Netanyahu.

Anonymous Sudan has been active since the beginning of this year, mostly conducting DDoS attacks. These types of attacks effectively cripple websites or information systems by bombarding them with multiple requests at a time. 

The group has threatened or carried out attacks on organizations and infrastructures in Sweden, Denmark, France, and even India. It's worth noting that Anonymous Sudan is not connected to the more well-known group, Anonymous. Also, Anonymous Sudan has not expressed any opinions or taken any actions in regards to the ongoing conflict in Sudan.

Big Picture Stuff. 

• There has been a lot of talk about how generative AI could lead to a new level of fraud. AI systems have the ability to create convincing images, videos, or voices of people, which fraudsters could then use to trick real people or systems. In an article by TechCabal, an anonymous Nigerian fraudster was interviewed, who argued that AI is not yet advanced enough to replace human fraudsters. This is because fraud often requires quick thinking and spontaneity, which current AI technology cannot achieve without prior scripting. Therefore, like many other jobs, AI cannot completely replace human fraudsters at this time.

• A Chinese advanced persistent group, APT, identified as Daggerfly or Bronze Highland or Evasive Panda (more on names later) recently targeted an unnamed telecoms company in Africa. This is part of a larger trend of sophisticated attacks on Telcos that have occurred in the past few months. To learn more about this attack and its connection with others, you can read the detailed technical analysis provided by Symantec.

• The Tigray region in Ethiopia experienced military operations in November 2020 by the government against the Tigray People's Liberation Front, the ruling party in the region. This conflict resulted in shelling, looting, and destruction of hospitals, schools, factories, and businesses by Ethiopian federal forces, regional militias, and Eritrean armed forces in towns throughout Tigray. As a result of limited access to humanitarian aid due to ongoing fighting, over two million people were displaced, with thousands seeking refuge in Sudan, and a minimum of 2.3 million people requiring assistance. Additionally, the Tigray minority faced widespread hate and discrimination that resulted in real-life violence against them.

  Since 2021, Facebook has faced significant criticism for allowing hate speech and calls for violence against the Tigray minority on its platform. Despite staff members raising concerns about the “engagement-based ranking,” its algorithms promoted inflammatory speech. In 2022, a coalition of affected people charged Meta, the parent company of Facebook, for its role in what has been described as an attempt at ethnic cleansing.

  The International Crisis Group analyzes the on-ground situation and clarified the extent to which Facebook was involved in Ethiopia's ethnic violence here. 

Headlines

Sudan’s internet is fluctuating as the fighting causes power cuts. At some point, it was down to 2% of its usual activity, per researchers monitoring the area. The effects of this connection blackouts have been noticed in the Chad region.

Nigeria’s National Population Commission said its server was not hacked, refuting claims that it postponed its training exercise due to a cyber related compromise. 

Mirror Trading International, a South African crypto scheme that was announced in 2020 biggest crypto scam of the year by Chainanalysis is officially declared a pyramid scheme by an high court. 

Kenyan retail giant Naivas suffers a ransomware attack — iAfrikan. 

Starlink did not apply for a license in South Africa, Comms Minister says — BenjaminDada

Rwanda wants to issue digital ID cards — Techpoint. 

Smile Identity, a Nigerian digital identity verification startup, acquires Ghana’s Appruve, another platform — Technext. 

Rwanda wants to issue digital ID cards — Technext. 

In DR Congo, Raxio, a data center, and CSquared, a broadband provider, are banding together to offer better internet — We Are Tech Africa. 

Namibia is saddled with the responsibility of leading Southern Africa’s Telecomms association for a year — Namibia Economist. 

Tanzania is Taking Action Against Cross-Border Telecom Fraud — Daily News Tanzania.

Across the world

ChatGPT is giving in to privacy concerns, enabling it to resume service in Italy where it had been banned due to issues with privacy and data protection.

Read Andy Greenberg on the absurdity of naming cyber threat groups. 

Runa Sandvik is a cybersecurity expert helping journalists and newsrooms weather cyberattacks, her profile threads the most insane cyberattacks press entities have faced.

Opps and Stuff

Register for the Diary of Hackers Conference coming up in the University of Lagos, Nigeria, on the 6th of May. 

Do you have a job, placement, or opportunity you’d like to feature in this section? Send details to cybafrique.media@gmail.com 

Post Notes.

Hi, Olatunji here.

I hope you’ve enjoyed reading the second issue of this newsletter. In a bid to expand our readership, I’m personally soliciting each reader to share with a friend or colleague who you think would enjoy this newsletter, and put out a word for us on social media. You can tag and follow our official Twitter account @CybAfriqueMedia and me @OlatunjiOlaigbe. 

Till next Saturday!