This Week on CybAfriqué: Spyware in Sudan, Meta’s Africa moderation problem.

Today, we’re paying attention to the role spyware and surveillance tech has played in the Sudan conflict, the challenges of moderating Africa, and growing surveillance and disinformation efforts.

Apr 22, 2023

Spyware in Sudan

Days after conflict sparked in Sudan, Greece’s government has admitted to exporting Predator spyware, a spyware made by Israeli firm Cytrox, to South Sudan after the Greek leftist opposition party accused the government of fueling conflict in the region. Greece had also exported license of a similar strain of spyware to Madagascar and the predator spyware has also been discovered on devices belonging to Egyptian politicians and journalists.

The admission by the Greek government coincides with news from December 2022 that accused RSF of acquiring surveillance tools. The Greek government has denied that the spyware has any part to play in the current feud in South Sudan, but the Sudanese government has used similar Israeli spyware to spy on journalists, right advocates, and political dissidents. Unethical use of spyware and surveillance tech has been noted in Sudan since 2014 and has been a major point of conflict in the country. According to Amnesty International, MTN, one of Africa’s largest Telcos, also admitted that in 2013, the Sudanese government installed a box on their infrastructure that essentially allowed the government access to the data of users of the service provider.

Why does this matter?

African countries – especially those in conflict and outlier political spheres (which happen to be most of them) are a hotbed for spyware and surveillance tech. Direct acquisition of spyware by ruling parties is common, and so are partnerships that are ethically grey in terms of data privacy and surveillance.

Meta has been having a hard time moderating African content.

Meta is facing legal issues in Kenya in its pursuit to severe contract with its (former?) moderation contractor, Sama, a move that would see 250 moderators who work with the firm terminated. These employees are saying the termination is an attempt by Meta to “punish” them for organizing and speaking out against the unfair working conditions they faced. Majorel, Meta’s proposed alternative to Sama, has been reported to be just as toxic as Sama, but that might not matter as Meta said it has found “global partners” to handle African moderation pending the different lawsuits it's facing concerning the layoffs.

IMO: There is no way Meta’s “global partners” can effectively moderate Africa, which is one of the most culturally diverse continents in the world.

Why does this matter?

Social media companies have a bad history of moderating African content. Moderation is a problem across the world, but it is compounded in Africa by issues such as diversity, political volatility, and the fact that the continent makes up a relatively small percentage of the revenue sheet of these social media companies.

Before now, Elon Musk laid off all but one of the Twitter Africa team, which ruined content moderation concerning the continent on Twitter. This of course had adverse effects on elections and major political events that happened.

Do you know someone who would enjoy reading this? Fee free to share with them.

Interpol’s new Africa Cybersecurity Assessment Report reiterates a growing concern that Africa’s fast digitization needs to be met with adequate security measures, the growing complexity of Africa’s cybercriminals, South Africa leading cybercrime on the continent, a dark market that’s making it ridiculously easy for threat actors to purchase malware, and more.
Nigerian terror groups bypass social media moderation by using local languages to spread their propaganda and disinformation. This story by Humangle’s Aliyu Dahiru looks extensively into the inability of social media companies to moderate African communities in their local language, and how Ansaru, an Al-Qaeda-linked terror group in Nigeria is using this loophole to propagate disinformation and groom recruits.
The Islamic State West Africa Province (ISWAP) in the Lake Chad basin is acquiring an alarming arsenal of advanced cyber and surveillance tech tools. Recently, the group has been weaponizing unmanned vehicles and building large coordinated information ecosystems on private and encrypted platforms like Telegram and WhatsApp, among other things. Read Malik Samuel’s analysis on AllAfrica.
In 2020, South Africa suffered one of the worst data breaches in Africa when Transunion, the South African subsidiary of Experian, an Irish-domiciled global consumer credit reporting company, was defrauded. The breach exposed the personal data of 24 million South Africans and almost 800,000 businesses in South Africa. In 2022, Karabo Phungula was found guilty of this breach and sentenced to 15 years imprisonment, but the effects of this breach were widespread and still linger. Almost three years later, this report by IAfrikan looks at the long tail of this breach and the lessons learnt.
African fintechs are quite prone to hacks and fraud attempts as many of the fintech startups prioritize growth and scaling over security. Conversely, these platforms have suffered some devastating hacks and reputational damage. To curb this problem, Nigerian fintechs are coming together to share data and essentially create a blacklist, but this piece by TechCabal argues that it might not be that simple.
If this newsletter was forwarded to you by a friend, you can subscribe here.

Just Headlines

A Nigerian man was expedited from Canada to the United States to face legal actions for an alleged $6 million BEC scam – The Record.

MTN briefly closed off access to the internet in Sudan during the country’s conflict – WeeTracker.

Suspicious Twitter accounts artificially amplify the voice of Sudan’s paramilitary leader during conflict – DFRLabs.

Africa Fact-Checking Alliance hosts a conference on fighting mis/disinformation. – Inside Burundi.

The Zambian Government is partnering with Liquid Intelligent Technologies to launch a new data center – Regtech Africa.

The Tanzanian Telecommunications Company Limited signed a $15.7 million contract with Huawei to expand the country’s ICT-broadband network – Daily News Tanzania.

Senegal’s Data Authorities are warning Yassir, a fast-expanding Algerian ride-hailing service that just launched in the country to adhere to its data protection rules and regulation – Tech in Africa.

Libya is organizing a Telecommunications exhibition – The Libya Observer.

Post Note

Hi there, this is Olatunji Olaigbe, team lead at CybAfriqué, and I’m excited to have you here!

This is our first newsletter, and I’m pretty sure it contains some mistakes. We’ll likely be adjusting and making tiny (and not-so-tiny) improvements with each issue for a while.

I’m especially looking forward to hear from our readers, so send tipoffs, feedback, and any inquiry to cybafrique.media@gmail.com.

Until next Saturday!