Fact-check: Anonymous Sudan Group, NOT South Sudanese hackers  

An unproven claim of “South Sudanese hackers” bringing down Kenya’s eCitizen platform amidst a series of cyberattacks targeting various government and private institutions, allegedly linked to the hacking group known as Anonymous Sudan

Writers: Jibi Moses, Ochaya Jackson and Emmanuel Bida

On July 27, 2023, a tweet claimed that “South Sudanese hackers” had brought down the Kenyan eCitizen platform, but this is unproven.

“South Sudanese hackers bring down Kenya’s eCitizen platform, ICT Ministry Confirms,” the tweet reads.

The same claim, “South Sudanese hackers,” was repeated by other users on X here, here, and here.

The cyber attack on Kenya

Kenya’s cyberspace this week has been infiltrated by cyberattacks that targeted different government IT infrastructures, institutions, and private sectors. The attackers launched distributed denial-of-service (DDoS) attacks that overwhelmed various institutions’ Information Technology assets and rendered their services unavailable to the public.

On Thursday, the Kenyan government issued a statement acknowledging the attacks but saying the hackers failed to compromise the institutional IT infrastructure.

“Over the past week, unsuccessful cyberattack attempts have targeted the Government and private sectors. For clarity, the data’s privacy and security were not compromised. The system was not hacked,” reads the Kenyan government’s statement on Thursday.

The prime target of the attacks has been the Kenyan government’s e-Citizen Portal, which has most of the data from all government institutions. The Kenyan government noticed that the attacks disabled targeted systems and made them inaccessible. Still, the security architecture in place thwarted the attacker’s operations to take control of the target systems.

“The relevant Government of Kenya agencies are on high alert and have enhanced the security of the e-Citizen portal and all Government Services Sites. All Systems and Portals under the control of the Government of Kenya are safe. The Government will continue its cyber-surveillance efforts and encourage the Public and Private sectors to heighten their cyber surveillance efforts so that jointly, we secure Kenya’s Cyberspace.”

What is a DDoS attack?

A distributed denial of service (DDoS), according to Cloud Flare, is a malicious attempt to disrupt the regular traffic of a target server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of internet traffic.

And CompTIA states that DDoS manipulates computer systems, properly works network equipment and services, exploits normal behaviour, and sniffs IT protocols to find vulnerabilities to penetrate its targets or victims. 211Check researched DDoS this year and wrote an explainer detailing its prevention or mitigation by an entity or individual.

Who claimed responsibility for the attack?

According to media reports, the cyberattacks on Kenya’s critical infrastructure have been linked to the hacking group that branded itself as Anonymous Sudan. The group has gained global prominence with attacks on critical government infrastructure in various countries worldwide.

Anonymous Sudan background

According to the ThreatMon report, Anonymous Sudan crippled various institutions through their attacks in Sweden, Denmark, France, Australia, and Germany. As the report indicated, the group is allegedly pro-Russia and targets government institutions, hospitals, and airport services of countries they believe to be against Sudan.

The report added that the hacking group started earlier this year, in 2023, after launching their Telegram Group with a proclamation to attack any country against Sudan.

The cyberattacks impact

This media report also details that the cyber attacks in Kenya targeted banks, telecommunication companies, media websites, university websites, hospitals, and transport agencies, which, according to the group, was retaliation against Kenya’s government because of its statement against Sudanese sovereignty.

“The impact of the attack is being felt on the ground. Many mainstream services (such as rail and electricity tokens) rely on Mpesa payments and government services on eCitizen. This raises the question of our country’s level of preparedness, yet, it serves as a wake-up call for developing more resilient systems.” Dan Kingori, Kenyan Cybersecurity Engineer at Web for All, tells 211 Check.

“There have been numerous theories on who is to blame. But it’s terrifying. Coincidentally, the Worldcoin rollout is taking place at this time.” he adds.

The attacks reportedly suspended over 5,000 public services for 48 hours and disrupted the financial payment (M-PESA) system. 

Conclusion 

211 Check finds the claim that South Sudanese hackers brought down the Kenyan government’s eCitizen platform unproven. Anonymous Sudan, a collective of hackers, has claimed responsibility for several Distributed-Denial of Service (DDoS) attacks on critical online services in Kenya.

To ensure accuracy and transparency, we at 211 Check welcome corrections from our readers. If you spot an error in this article, please request a correction using this form. Our team will review your request and make the necessary corrections immediately, if any.

It’s vital to fight misinformation and disinformation in the media by avoiding fake news. Don’t share content you’re uncertain about. False information can harm and mislead people, risking lives—Fact-check before sharing. For more details, visit https://211check.org/ or message us on WhatsApp at +211 917 298 255. #FactsMatter