According to three sources, cyber security research reports and Reuters’ own analysis of technical data linked to the hack, Chinese hackers have targeted the Kenyan government in a series of digital attacks over several years against government ministries and institutions. ‘state keys.
Two of the sources believed that the hack was aimed, at least in part, at obtaining information about a debt owed by Beijing to the East African nation: the Internet.
“Further understanding may arise in the need to understand future payment strategies as needed,” said a July 2021 research report written by the defense contractor for private clients.
China’s Foreign Ministry said it was “not aware” of any such hacking, while the Chinese Embassy in the UK called the allegations “baseless”, adding that Beijing opposes and combats “cyber attacks and theft of all kinds”.
China’s influence in Africa has grown rapidly over the past two decades. But, like several African countries, Kenya’s finances are facing the rising cost of paying off foreign debt – most of which is owed to China.
The hacking campaign shows China’s willingness to use its intelligence capabilities to monitor and protect economic and strategic interests abroad, the two sources said.
The hacking is part of a three-year campaign that has targeted eight Kenyan government ministries and departments, including the office of the president, according to an intelligence analyst in the region. The analyst also shared with Reuters research documents including the attack schedule, targets and provided technical data related to the compromise of a server used only by Kenya’s main intelligence agency.
A Kenyan cyber security expert described a similar hacking activity against the ministries of foreign affairs and finance. All three sources asked not to be named due to the sensitivity of their work.
“Your claims of attempted hacking of Chinese government agencies are not unique,” the Kenyan president’s office said, adding that the government has been the target of “repeated infiltration attempts” by hackers. Chinese, Americans and Europeans.
“As far as we are concerned, none of the attempts have been successful,” he said.
He did not provide further details or answer follow-up questions.
A spokesman for the Chinese Embassy in the UK said China opposes “irresponsible actions that use topics such as cyber security to create friction in relations between China and other developing countries.”
“China attaches great importance to Africa’s debt problem and is working hard to help Africa deal with it,” added the spokesperson.
Between 2000 and 2020, China provided nearly $160 billion in loans to African countries, according to a comprehensive database of Chinese lending compiled by Boston University, mostly for large-scale infrastructure projects. .
Kenya has used more than $9 billion in Chinese loans to fund an aggressive campaign to build or improve railways, ports and highways.
Beijing has become the largest creditor of the two countries and has gained a foothold in East Africa’s largest consumer market and an important shipping hub on Africa’s Indian Ocean coast.
In late 2019, however, when a Kenyan cybersecurity expert told Reuters that he had been brought in by Kenyan authorities to assess the hacking of the entire government network, China’s credit dried up. And Kenya’s financial problems were evident.
The flaw investigated by a Kenyan cyber security expert and linked to China began with a “spearing” attack late that year, when a Kenyan government employee unknowingly downloaded an infected document, allowing hackers to infiltrate the network and gain access to corporate services. others. .
“Many documents from the Ministry of Foreign Affairs were stolen as well as from the Department of Finance. The attacks seemed to target the debt situation,” the Kenyan cyber security expert said.
Another source – an intelligence analyst working in the region – said Chinese hackers had launched a massive campaign against Kenya that began in late 2019 and continued until at least 2022.
According to documents provided by the analyst, Chinese cyber spies subjected the office of Kenya’s president, its defence, information, health, land and interior ministries, its counter-terrorism centre and other institutions to persistent and prolonged hacking activity.
The affected government departments did not respond to requests for comment, declined to be interviewed or were unreachable.