A recent report that Chinese hackers secretly redirected surveillance footage from the African Union headquarters so it could be viewed abroad is part of a larger pattern by Chinese networks to electronically infiltrate key communication channels in Africa, experts say.
“I’m not particularly surprised,” Joshua Meservey, senior policy analyst on Africa at the Heritage Foundation, told VOA. “We know China operates this way all across the world, including in Africa. They clearly have a particular interest in the AU headquarters.”
The report in December by the Reuters news agency alleged that prior to the 33rd AU Summit last February, a Japanese cybersecurity firm alerted AU technicians of the security breach.
Meservey said the alleged hacking is part of a larger effort. He conducted a study that alleges Chinese companies have built at least 186 government buildings in Africa and 14 “sensitive intragovernmental telecommunications networks.”
There have also been recent reports of governments such as Uganda and Rwanda targeting dissidents and their supporters by hacking into their WhatsApp and Skype accounts with the help of Chinese tech giant Huawei.
China has been accused of spying on the AU before. In 2018, the French newspaper Le Monde reported that China had installed listening devices in the headquarters. The report alleged that servers in the AU headquarters were secretly sending data to a computer system in Shanghai each night between midnight and 2 a.m.
Meservey said private Chinese companies are “legally obliged” to help the Chinese Communist Party gather intelligence.
In the alleged February 2020 attack on the AU, Meservey said the strategic importance of the video footage is unclear.
“I’m a little bit perplexed about why exactly they would want CCTV footage because … as far as I know, there’s no audio associated with it,” Meservey said. “So all you really can do is track people’s physical movements, I guess. But clearly they felt that was worthwhile.”
One possibility, Meservey said, is that China is seeking to build artificial intelligence capabilities by compiling video and other data and feeding it into systems that can learn facial features and other identifying information.
“They’re gathering immense amounts of data on their own citizens, feeding those into A.I. systems and then refining them in that way,” he said. “So that’s one thing that I think potentially they’re after.”
Reuters cybersecurity reporter Raphael Satter said the AU was alerted by Japan’s Computer Emergency Response Team (CERT) on Jan. 17, 2020, after it saw unusual traffic between the AU and a Chinese hacking group known as “Bronze President.” AU technicians then set about tracing the source of the activity.
“When they investigated, they found that a group of servers in an annex of the AU was communicating with a website that was associated with the Chinese hacking group,” Satter told VOA. “And those servers were sending surveillance camera footage to that website, which meant that cameras from across the AU campus were effectively being fed to hackers operating from abroad.”
China dismisses hacking report
VOA reached out to Ebba Kalondo, spokesperson for the AU, but did not get a response. The chairperson of the AU Commission, Moussa Faki, has previously denied that any Chinese hacking took place.
Chinese Ministry of Foreign Affairs spokesperson Wang Wenbin said during a December 21 press briefing that the Reuters report is an attempt to harm China-Africa relations.
“China-Africa cooperation will not be disturbed by noise, and China-Africa friendship will not be diluted by false information,” Wang said.
Satter said the AU has attempted to piece together what information was compromised but may still not know the complete picture.
“And that’s a problem that many organizations, not just the African Union, face when hackers get in, is trying to estimate just what the bad guys have gotten a hold of. And I think that in the AU’s case, they just don’t know,” Satter said.