Anonymous Sudan, a pro-Russian hacktivist group says it is responsible for a Distributed Denial-of-Service (DDoS) attack which intermittently took websites belonging to Kenyan media, hospitals, universities, and businesses, including Safaricom, offline.
The group had previously been involved in a series of “unprecedented escalation in DDoS attack sophistication” with pro-Russian hackers that targeted Western websites including Microsoft, according to a report published by Cloudflare earlier this year.
Denial of service attacks are cyberattacks where the attacker prevents users from accessing a website, online service, or connected device, by flooding the servers with internet traffic.
The group appears to have turned their attention to their southern neighbour this week after a video of a Sudanese general allegedly taunting Kenya’s president went viral on social media. On Sunday, it claimed it had attacked Kenya’s eCitizen website which hosts government services like visa application, business registration and more. It also claimed to have attacked Kenya Commercial Bank, Kenya’s second-largest bank measured by assets, and the country’s largest telecom, Safaricom.
It also attacked media websites including the one of The Standard Group, Kenya’s oldest newspaper, as well as the website of the government-owned Kenya News Agency. On Monday, 10 university websites were hit, including the University of Nairobi. And on Tuesday it targeted seven hospitals and the website of Kenya’s transport agency. The National Transport and Safety Agency allows Kenyan residents to apply and pay for driving licenses among others.
Eliud Owalo, Kenya’s cabinet secretary in charge of the Ministry of Information, Communication and the Digital Economy said, no data was accessed or lost.
“
There was an attack and we are addressing that. We are not just coming up with remedial measures to address the current situation,” Owalo said.
“We are ensuring that around this digitalisation space, we will build an elaborate risk mitigation framework for purposes of sustainable digitalisation.”
The CS assured that during the attack, no data was accessed or lost.
Owalo explained that all the hackers did was slow down the website by putting in unusual requests.
“What they did is they tried jamming the system by making more than ordinary requests into the system,” he said.
The group said it attacked Kenya because it “released statements doubting the sovereignty of [the Sudanese] government.” Sudan has been locked in internecine conflict between the Sudanese Armed Forces (SAF) and the paramilitary Rapid Support Forces (RSF), rival factions of the military government of Sudan since the 15th of April, 2023. Last month, the Sudanese government rejected the appointment of Kenya’s president, William Ruto as leader of a mediation group after accusing the East African nation of lacking neutrality.
African states are vulnerable to cyber attacks from foreign hackers but typically don’t attack each other—at least not publicly. According to Nathaniel Allen and Noëlle van der Waag-Cowling, both cybersecurity researchers, “African countries tend to have low levels of cyber maturity and possess limited offensive and defensive cyber capabilities. Virtually all rely on foreign actors to supply critical information.” Anonymous Sudan might be pro-Sudan, but it also has significant links to pro-Russian hacktivist groups.
Digitising government services is a key part of President Ruto’s agenda. Earlier this year, his administration said Kenyans could access 5,000 government services online. The services include business permits and visa applications. All were affected by the denial of service attacks.