A dramatic increase in online disinformation attacks against African nations and international agencies operating on the continent has cybersecurity and cybersecurity specialists scrambling to find solutions to the growing problem.
Africa saw at least 189 documented disinformation campaigns in 2023, about four times the number reported the last year. The wave of attacks comes as at least 18 African nations are due to hold elections next year a report from the Economistmaking disinformation a key threat to existing governments and businesses that rely on stable economies.
As these threats spread, cybersecurity professionals should look for protection strategies, but don’t expect to find a single solution to the problem, says Mark Duerksen, a research associate at the Africa Center for Strategic Studies.
“Disinformation is not just a technical problem, it is also a social and political issue that will involve layered responses to strengthen resilience, so the work of cyber experts can only be part of the solution,” says Duerksen. “However, we are seeing increasingly sophisticated disinformation campaigns that leverage cyberattacks to amplify, launder and fuel disinformation.”
The continent’s more than 50 countries continue to improve their cybersecurity posture this year, albeit unevenly. A number of institutions, such as the University of Lagos AND Shehacksthey aim to improve cybersecurity talent in the region, but in many countries they continue to lag behind in terms of cyber hygiene.
Mainly foreign influence operations
While disinformation is a global problem, Africa has become a significant target for both state-sponsored disinformation and national campaigns, according to the survey. a recent report from the Africa Center for Strategic Studies. According to the report, foreign governments account for the majority of disinformation campaigns, with approximately 60% of campaigns discovered in 2023 attributed to Russia, China, the United Arab Emirates (UAE), Saudi Arabia and Qatar.
In 2023, more than 189 disinformation attacks targeted African nations. Source: Africa Center for Strategic Studies
Of the 23 campaigns targeting not just one country but entire African regions, 16 came from groups linked to Russia. Russia is also responsible for 189 attacks against countries on the continent, mostly in West Africa, following the withdrawal of French troops from Mali and other Sahel countries, according to a report by the political think tank. Atlantic Council and the Digital Forensics Research Laboratory (DFRLab).
The report refers to the example of Russia invading Ukraine. At the time, the social media accounts of a number of Nigerian journalists were hacked and used to spread pro-Putin hashtags and false information, creating the impression of African support for Russia, Duerksen says.
There are currently 600 million internet users in Africa, of which 400 million are active social media users. African citizens are among the most voracious users of social media platforms, with users in Nigeria and Kenya among the internet-enabled individuals who spend the most time on social media. Overall, internet penetration rates range from 7% in Central African Republic to 51% in Nigeria, according to the Atlantic Council/DFRLab report.
According to the survey, protecting citizens and businesses from disinformation campaigns requires a range of initiatives, from supporting local journalism and media literacy to improving cybersecurity for elections and detecting, reporting and taking down networks of inauthentic social media users. a recent report, “Countering Disinformation Effectively: An Evidence-Based Policy Guide” from the Carnegie Endowment for International Peace.
Focus on user-centric security
While some experts question whether disinformation campaigns fall within the purview of cybersecurity professionals, most place the topic in… holistic discipline of human-centered security as well as creating effective security alerts for users and strengthening employees against sophisticated phishing attacks.
“A key aspect is the need to develop the capacity to track and analyze disinformation through decentralized but interoperable approaches and to establish ISACs (information sharing and analysis centers, a concept that derives directly from cybersecurity) as a hub for counterdisinformation” , Duerksen says. “Progress is being made in creating standardized frameworks and definitions so that researchers can share datasets and piece together the actors and tactics behind the sprawling disinformation campaigns we are starting to see.”
Cybersecurity experts working with government agencies should study the threat of disinformation, he says. Just like anti-phishing training, media literacy education can help make your workforce more resilient to attacks.
“This means developing situational awareness of emerging digital information spaces proactively rather than waiting for something to happen,” says Duerksen. “Having a response plan in place – which includes a strategic communications playbook and contact with social media companies – for if and when a disinformation attack occurs may seem overly cautious now, but companies are learning the hard way how quickly and how damaging it can be to their reputation and profits. lines that these types of attacks can occur when they happen.”