Chinese hackers targeted Kenya’s government in a widespread, years-long series of digital intrusions against key ministries and state institutions, according to three sources, including cybersecurity research reports.
According to two of the sources, the hacks were motivated, at least in part, by a desire to learn more about the East African country’s debt to Beijing. Kenya is an important part of President Xi Jinping’s Belt and Road Initiative, which is a global infrastructure network.
In a July 2021 research report, a defense contractor warned private clients that “further compromises may occur as the requirement for understanding future repayment strategies becomes necessary.”
The Chinese foreign ministry said it was “not aware” of any such hacking, while the Chinese embassy in the United Kingdom called the accusations “baseless” and said Beijing opposes and combats “cyberattacks and theft in all their forms.”
China’s influence in Africa has grown significantly over the last two decades. Kenya’s finances are being strained, as are those of several other African countries, by the rising cost of servicing external debt, much of which is owed to China.
According to two of the sources, China is using its espionage capabilities to monitor and protect its economic and strategic interests around the world, as evidenced by the hacking campaign.
According to a regional intelligence analyst, the hacks are part of a three-year campaign that has targeted eight Kenyan government ministries and departments, including the president’s office.
The analyst provided documents outlining the timeline of the attacks, the targets, and technical details about the breach of a server used solely by Kenya’s primary spy agency.
Similar hacking attempts on Kenya’s ministries of foreign affairs and finance have been reported by a cybersecurity expert in Kenya. Because of the sensitive nature of their work, all three of our informants requested anonymity.
“Your allegation of hacking attempts by Chinese Government entities is not unique,” Kenya’s presidential office stated, adding that the government had been the target of “frequent infiltration attempts” from hackers in China, the United States, and Europe.
“As far as we are concerned, none of the attempts were successful,” the statement said.
The Chinese embassy in London issued a statement criticizing “irresponsible moves that use topics like cybersecurity to sow discord in relations between China and other developing countries.”
“China places a high value on Africa’s debt issue and works tirelessly to assist Africa in dealing with it,” the spokesperson added.