African Union headquarters hack (2018)

From International cyber law: interactive toolkit
Jump to navigation Jump to search

Note: In 2020, the African Union headquarters was subjected to another data exfiltration operation – see African Union headquarters hack (2020). It is unclear whether the two incidents are linked.

Date The hack has been conducted between 2012 and 2017. An investigative report published by Le Monde on 26 January 2018 revealed the data breach at the African Union headquarters.[1] The report further suggests that African Union officials discovered the leak in 2017 and kept the surveillance issue confidential.
Suspected actor The report argues for the involvement of the Chinese government behind the incident. China,[2] as well as officials from the African Union organization,[3] dismissed the newspaper report's accusations.[4]
Target Data exfiltration from unspecified network’s servers within the African Union headquarters in Addis Ababa, Ethiopia. The building of the AU had been gifted by China and built by Chinese contractors which provided also the embedded computer systems.[5]
Target systems n/a
Method Data exfiltration from the IT system of the African Union’s headquarter. African Union staff discovered an unusual nightly peak of data flowing between midnight and 2 am.[6] Those data have allegedly been downloaded from the AU servers every night since the construction of the building and sent to servers located in China.[7] Moreover, the report highlights that AU technicians found and removed hidden microphones from desks and walls of the headquarters.[8]
Purpose Unknown. Most likely, considering the close relations between China and a number of African countries, exfiltration of data could have had political relevance.[9]
Result According to the Le Monde report, a massive amount of confidential data has been exfiltrated from servers of the AU and redirected to a server hosted in Shanghai.[10]
Aftermath AU officials inspected the entire building, changing the servers, microphones and technologies installed within.[11]
Analysed in Scenario 04: A State’s failure to assist an international organization

Collected by: Samuele De Tomas Colatin

  1. J Tilouine, G Kadiri, “A Addis-Abeba, le siège de l’Union africaine espionné par Pékin”, (26 January 2018), Le Monde.
  2. H Chunying, Chinese Foreign Ministry Spokesperson, “Foreign Ministry Spokesperson Hua Chunying's Regular Press Conference”, (30 January 2018), Ministry of Foreign Affairs of the People’s Republic of China.
  3. B Adebayo, T Schwarz, “China denies bugging African Union headquarters it built in Ethiopia”, (2 February 2018), CNN.
  4. A Maasho, “China denies report it hacked African Union headquarters”, (29 January 2018), Reuters.
  5. S Tiezzi, “If China Bugged the AU Headquarters, What African Countries Should Be Worried?”, (31 January 2018), The Diplomat.
  6. E Thomas, “As the West warns of Chinese cyber spies, poorer nations welcome gifts with open arms”, (11 June 2018), Wired.
  7. M Fidler, “African Union Bugged by China: Cyber Espionage as Evidence of Strategic Shifts”, (7 March 2018), Council on Foreign Relations.
  8. B Blenchard, “African Union says has no secret dossiers after China spying report”, (8 February 2018), Reuters.
  9. N Statt, “China denies claims it built backdoors into African Union’s headquarters for spying”, (29 January 2018), The Verge.
  10. A Awokoya, “African Union Rocked by China Spying Allegations”, (18 February 2018), Geopolitical Monitor.
  11. I Akwei, “China caught ‘spying’ on the African Union headquarters in Addis Ababa”, (28 January 2018), Face2face Africa.