Anonymous Sudan, a Sudanese hacker group, says it is targeting Nigerian companies in response to the threat of military action in Niger. Yesterday, Nigeria’s national IT agency issued an advisory for the public as the group attacks NITDA and claims responsibility for an attack on MTN.
On Wednesday morning, Anonymous Sudan, a pro-Russian hacktivist group, issued a warning to Nigerians on its Telegram channel. By midday, the group claimed it had launched a cyberattack against MTN Nigeria, the country’s largest telco. Although MTN has not confirmed the attack, the National Information Technology Development Agency (NITDA) confirmed in a press release that Anonymous Sudan targeted its digital infrastructure and advised Nigerian financial service providers, government bodies, and telcos to prepare for a series of attacks. The agency also outlined ways to prevent the attacks.
According to the hacker group, the attack, the first in what it claims will be a series, is motivated by Nigeria’s proposed military intervention in Niger. “They are attempting to cut power and are willing to participate in the French colonialistic planned invasion of Niger,” read a statement from the group on its Telegram channel. On Wednesday, Nigeria cut power supply to Niger, the first of sanctions against the country.
The sanctions are in response to the removal of Niger’s President Mohamed Bazoum by the army. West Africa’s regional bloc, ECOWAS, led by Nigerian President Bola Tinubu, have asked the coup plotters to reinstate Bazoum within the week—that deadline expires on Sunday. ECOWAS says it is considering military action to restore constitutional order.
Last week, Anonymous Sudan took responsibility for a string of Distributed Denial-of-Service (DDoS) attacks on Kenyan media, hospitals, universities, and businesses. Denial of service attacks are cyberattacks where the attacker prevents users from accessing a website, online service, or connected device by flooding the servers with internet traffic. The group’s claim of attacking MTN follows the same approach it deployed in Kenya, where it attacked Safaricom, Kenya’s biggest telco.
The group’s cyberattacks in Kenya have compelled Nigeria’s Computer Emergency Response Team to release guidelines for preventing the same level of success on Nigerian shores. Some of the guidelines include deploying firewalls and DDoS protection services, using CAPTCHA tests on websites, and limiting network broadcasting.
While most of the continent is moving online, cybersecurity has yet to receive serious attention. According to estimates, the continent loses between $3.5 billion and $4 billion a year to cyberattacks. According to Nathaniel Allen and Noëlle van der Waag-Cowling, both cybersecurity researchers, “African countries tend to have low levels of cyber maturity and possess limited offensive and defensive cyber capabilities. Virtually all rely on foreign actors to supply critical information.”