Anonymous continues with its effort of fighting corruption and anomaly in governments worldwide, this time hitting Kenya’s foreign ministry by leaking nonpublic documents belonging to the agency.
The hacktivists’ goal was to uncover the malpractices of the government and corporations in Kenya, and the data breach is only a part of Anonymous initiative to expose corruption, child abuse, and child labor across Africa.
The hacker collective began to leak the foreign ministry documents a few days ago, beginning with a slew of 95 documents that were made available to the public on the Anonymous Twitter account. That’s only the tip of an iceberg, according to the online activists. In total, there is a vast treasure trove of documents, amounting to a one-terabyte of data stashed from Kenya’s Ministry of Foreign Affairs and International Trade.
However, the leaked data is not available to people who use standard web browsers like Google Chrome, Internet Explorer or Firefox. The documents must be opened using the Tor anonymity tool. The leaked documents appear to contain information about the Kenyan foreign ministry’s communications with other diplomats, trade information and international businesses.
The documents are sensitive in nature, though they are now public documents following the leak. For example, some documents contain information about the security measures taken by authorities for diplomatic tours, trade deals and discussions about the security situation in Sudan and South Sudan, where a conflict is currently heating up.
Kenya is just a speck in the wide target of the hacker collective across Africa. The other targets are Sudan and South Sudan, Zimbabwe, Tanzania, Ethiopia, South Africa, Rwanda and Uganda in what is described by Anonymous as Operation Africa.
Operation Africa hackers recently openly blamed corporations and governments in Africa for the rampant corruption, child abuse and environmental issues in the region. Ugandan Finance Ministry and the South African government were also targeted previously, their databases breached wholesale.
Although there seems to be no top secret included in the Kenyan documents leaked, the breach highlights a perennial issue with the weakest link in an organization’s security chain: the human factor. Kenya clarified that what happened was a sort of phishing attack instead of a hacking attempt, though the difference between the two does not matter in a situation where information and confidential documents have been exposed.
Accordingly, government employees clicked on the email attachments they received asking them to update their login details, thus giving cyber criminals the windows to steal their login credentials so that emails were accessed without authorization.