xorl %eax, %eax

OPSEC fail: China and the African Union center

leave a comment »

It is becoming more and more common seeing big players doing childish operations security mistakes and this is one of them. The entire failure can be summarized effectively by the following picture. But looks like some people have still a lot to learn…

The story is relatively simple and straightforward. Around 5 years ago China donated the headquarters building, including all the infrastructure and technical support, of the organization in Addis Ababa. African Union happily started using it as it was a generous diplomatic relationship act. But 5 years later, in January 2018 it was discovered that the servers of the building were backdoored.

Specifically, they noticed that every night at around 02:00 there was a lot of traffic originating from the African Union’s HQ with the destination being some unidentified servers in Shanghai, China. The story was brought to light by Le Monde on 26 January 2018.

So, the lesson here is simple. There is so such thing as free lunch. No matter who you are or what you do, no one will give you something for no reason. Especially when it comes to technology. If you are in a decision making position keep this in mind (if you didn’t already), trust no one.

Written by xorl

February 5, 2018 at 19:37

Posted in opsec

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: