How cyber-crime complicates war on terror
Monday August 18 2014
On July 21, hackers infiltrated the Twitter account of the Kenya Defence Forces, leaving behind a series of nasty tweets.
Claiming responsibility for this cyber-attack on KDF was the hack activist group known as #Anonymous (@Anon_0*03), who also broke into the account of KDF spokesperson Maj Emmanuel Chirchir and had earlier defaced the website of the National Environment Trust Fund under the Ministry of Environment.
These attacks revived the debate on cyber-terrorism, which refers to the use of Internet-based terrorist attacks such as deliberate or large-scale disruption of computer networks using computer viruses.
The growing spectre of cyber-crime involves a plethora of outlaws such as spies, hackers and fraudsters. But the attack on the KDF account, a non-traditional target of cyber-crimes, is drawing attention to the potential threat of cyber-terrorism orchestrated by terrorist groups in Africa such as Nigeria’s Boko Haram and Al Shabaab.
They also raise the question of governments’ preparedness to counter cyber-terrorism and even deter or destroy the cyber-warfare capability of terrorists.
Kenya’s vulnerability to cyber felons arises from the country’s large Internet user base, estimated at over 21 million. As such, Kenya ranks fourth in cyber-crime cases in Africa after South Africa, Egypt and Algeria.
Cyber-insecurity is posing a great risk to Kenya’s development ambitions. The Kenya Cyber-security Report 2014 released by Serianu, a Nairobi-based information technology firm, estimated that Kenya is losing about Ksh2 billion ($22.8 million) annually due to cyber-crime.
Over the past four years, Kenya has experienced 92 terrorist attacks, with Al Shabaab claiming responsibility for 72 of those.
But the link between these acts of terrorism by fundamentalist groups and cyber-crime perpetrated by “hacktivists” and fraudsters is still hazy.
What is clear is that terrorist groups like Al Shabaab have used Twitter and other social networks to confirm all these attacks and the casualties involved.
But the attitude to the Internet by terrorist groups is ambivalent. While Al Shabaab is intensifying the use of cyber technology to advance its terrorist agenda across East Africa, inside Somalia it has banned access to the Internet and viciously clamped down on users.
Al Shabaab’s approach is methodically consistent with other global terrorist networks, which have exploited the Internet to recruit followers, spread propaganda and source funding for their operations while ensuring that the general population is excluded from the cyberspace.
Simply put, cyber-insecurity in Africa is giving wings to incipient cyber-terrorism.
Al Shabaab’s use of the Internet has grown by leaps and bounds since February 2012, when its leaders announced a merger with Al Qaida, linking its previously localised war in Somalia to global terrorism.
READ: AU’s dilemma in regulating use of continent’s expanding cyberspace
Al Qaida used technology to forge and connect its networks, but its successors or rivals are utilising the Internet in a more sophisticated manner than it did.
More recently, the Internet has afforded the Islamic State of Iraq and Syria (ISIS) — or simply “The Islamic State” as the group insists on being called — the ability to recruit all over the world.
In addition to the ubiquitous use of the Internet, Al Shabaab has developed a complex and hugely effective media network known as the Al Kataib.
Domestically, they run a series of radio stations that broadcast in Somali and Arabic languages. The most popular, Radio Andalus, transmits from a mobile vehicle roaming from district to district as an adaptation to constant jamming by the engineers of the African Union Mission in Somalia (Amisom).
Access to Internet
Only 2 per cent of Somalia’s 10 million people have access to the Internet. This explains why a radio and not cyber tool is Al Shabaab’s preferred domestic option.
It is worth noting too that on several occasions, and as recent as January 2014, Al Shabaab has banned using Internet outside cyber-cafes.
Anyone using the Internet on their mobile phones or at home is considered to be working with the “enemy.” This further aims to shield the population from alternative ideology.
However, they have exploited cyber tools to reach out to supporters andseek funding through donations. More importantly, they have used the Internet to engage the diaspora and to gather intelligence on counter-terrorism measures from their adversaries and enemy populations.
Both within and outside Somalia, social media tools have served Al Shabaab well on aspects of anonymity, affordability and reach.
Unlike traditional media — characterised as “one-to-many,” in which information is disseminated from one central point to many passive points on the periphery — social media has enabled its users to publish or access information.
An Internet connection is all Al Shabaab’s roughly 4,000 members need to have almost the same impact as any leading news corporation in the world.
The group’s audience, with their comparatively inexpensive and accessible mobile and web-based networks and devices, has created highly interactive platforms through which the message is widely broadcast.
Martyrdom is glorified and defectors named and shamed within these networks. The Internet has effectively enabled the self-sustaining networks that are promoting the group’s radical ideology and instilling fear.
The group is also managing a host of websites. Despite being constantly hacked by counter-terrorism agencies or tactical suspensions, these websites always pop up almost immediately on different domains.
The contents of these mushrooming websites include videos from Al Kataib, writings from Al Shabaab leaders and images from the battlefield.
Today, 26 per cent of the global population is using at least one account, especially Facebook, YouTube and Twitter.
In the late 2011, Al Shabaab registered @HSMPress on Twitter, now the group’s most visible online presence.
Al Shabaab’s Twitter account came to the limelight in September last year in the wake of the attack on the up-market Westgate Shopping Mall in Nairobi, when the group gave live commentaries and updates on its actions on the account.
Cyber terrorism has moved to a whole new level, with the development in June 2010 of Stuxnet, a computer worm designed to attack industrial programmable logic controllers (PLCs).
As a cyber-weapon that brought into sharp focus warfare in the fifth dimension (after land, water, air and space), Stuxnet was developed by the United States and Israel to monitor and destroy Iran’s Natanz nuclear facilities.
Stuxnet revealed the potential of developing devastating cyber-weapons. Its deployment is known to have thrown off Iran’s plan to acquire a nuke in four years by reportedly compromising Iranian PLCs, collecting information on the nuclear plant systems and causing the fast-spinning centrifuges to tear apart.
This was done just by understanding the electrical blueprint of the process and tinkering with it by using a code developed offsite but fed into the system using human agency. As a result, Stuxnet reportedly ruined almost one-fifth of Iran’s nuclear centrifuges.
The second lethal lesson learnt from Stuxnet is that serious cyber attackers will seek anonymity and operate in stealth. Stuxnet lurked in Natanz for over four years without being detected. This way, the Israeli developers had unlimited access to the facilities without raising the alarm.
This highly developed cyber-terrorist technology has far-reaching implications for the war on terrorism in East Africa. The immediate danger is the possibility of Al Shabaab or any other terrorist organisation operating in the region developing such a cyber-weapon as Stuxnet or purchases it from the black market.
A corporation may never know they are under attack till it is too late.
This reality must lead to a more focused attention on cyber-insecurity, not just as a crime but as a deadly form of terrorism.
If undetected and undeterred, cyber-insecurity can roll back the gains made in marketing East Africa as the future of technology in Africa.
Kenya’s $14.5 billion Konza Techno City has been billed as Africa’s Silicon Savannah. This calls for a cyber-security policy that takes into account the non-state actors as both threats and allies in the war against cyber-terrorism.
The current regime of information technology, complex networking and lax security practices has provided would-be-cyber-terrorists with unlimited, fairly cheap options, to wreak havoc on fragile African states.
East Africa must mount a firewall against cyber-terrorism before it is too late.
Peter Kagwanja is the chief executive of the Africa Policy Institute (API). Moses Karanja is a senior associate with the API. This article is part of the Institute’s Africa Security Report Project.