NAIROBI, Kenya - Kenyan government agencies have found themselves in the crosshairs of suspected Chinese hackers, according to a new report by cybersecurity intelligence firm Recorded Future.
This latest revelation underscores the ongoing cyber threats faced by nations worldwide.
RedJuliett’s Cyberattacks: A Global Threat
Between November 2023 and April 2024, the hacker group known as RedJuliett launched a series of cyberattacks targeting over 24 government organizations across various countries, including Kenya and Rwanda.
Recorded Future’s report, released on Monday, highlights that these attacks were not limited to government entities but also extended to religious organizations.
The hackers exploited vulnerabilities in SoftEther enterprise virtual private network (VPN) software, an open-source VPN that facilitates remote connections to an organization’s networks.
These critical security flaws allowed RedJuliett to gain unauthorized access to servers, posing a significant threat to the targeted institutions.
Additionally, the group employed structured query language (SQL) injection and directory traversal exploits against web and SQL applications, extending its attacks beyond the VPN software.
Government and Education Sectors Under Siege
RedJuliett’s cyber offensive primarily focused on sectors such as government, education, technology, and diplomacy.
While Recorded Future observed attempts to identify vulnerabilities within these networks, it remains unclear whether the hackers successfully breached these organizations.
The targeted attacks are a stark reminder of the persistent and evolving nature of cyber threats, particularly those emanating from state-affiliated actors.
This incident is not the first time Chinese hackers have set their sights on Kenya.
In May, a report by Reuters detailed how Chinese hackers attempted to gather information on Kenya’s debt to China by targeting institutions like the finance ministry, the president’s office, and the country’s spy agency.
This pattern of attacks underscores the geopolitical motives often driving such cyber espionage campaigns.
The implications of these cyberattacks are far-reaching, highlighting the need for robust cybersecurity measures and international cooperation to combat such threats.
Recorded Future’s findings stress the importance of securing internet-facing devices and applications to prevent unauthorized access and data breaches.