Page 43 - EngineerIT October 2022
P. 43

TECHNOLOGY AND INNOVATION


        Chinese and Russian partnerships in South Africa


        should extend to the cyber realm




                hile informal collectives of ‘friendly’ nations, like the
                BRICS group, have met several times to discuss ways
        Wof cooperating on the global state over the years,
        these friendships do often have their limits. This is evident
        where, whether by intention or omission, little action has been
        taken by the governments of China and Russia to protect South
        Africa from the less visible but critical threats of cyber crime
        and political disinformation.
           For example, in the last six months, Trellix, through its
        extended detection and response (XDR) framework that
        combines artificial intelligence, machine learning, and
        automation, identified that most threat actors conducting cyber
        crime campaigns in South Africa appear to reside in China or   have been seen through South Africa’s alliance to BRICS
        Russia – where both governments seemingly turn a blind eye   countries such as Russia and China,” says Carlo Bolzonello,
        to operators within their own jurisdictions as long as they don’t   country lead for Trellix in South Africa. “In time, we hope
        focus their attacks on victims within their own borders. These   to see mutual support in the fight against cyber crime and
        threat actors included Mustang Panda, APT10 in China, and   disinformation become part of the close relationships with
        APT28 and APT29 in Russia.                             these nations that we’ve forged.”
           Russia took this reluctance to prosecute external cyber   “Friends must act as friends, and China and Russia could
        crime further in its 2021 proposal for the United Nations Treaty   go far to avoid the label of ‘frenemy’ by helping us protect
        on Cybercrime. Its Article 33 on the ‘collection of information   ourselves from political interference and cybercrime,” says
        transmitted by means of ICT’ refers to the interception of   Carlo Bolzonello, country lead for Trellix in South Africa.
        content and other data but is not precise enough to limit   “The Chinese and Russian governments and corporate
        interception to serious crimes.                        entities should extend the cooperation they have exhibited
           In its quest for cyber sovereignty, China’s 2017    in extensive physical and digital infrastructure projects to
        ‘International Strategy of Cooperation on Cyberspace’ stresses   support Cape Town’s efforts to confront the cyber crime and
        that ‘countries should respect each other’s right to choose their   political disinformation striking South Africa from within their
        own path of cyber development, model of cyber regulation and   borders.”
        internet public policies, and participate in international cyber   The impact of this malicious activity extends from national
        space governance on an equal footing.                  political implications to the havoc that cyber criminals can
           However, the United States Cybersecurity and Infrastructure   wreak on businesses and state organisations – even having
        Security Agency believes that the Chinese government engages   real potential to topple economies, whether it’s through
        in malicious cyber activities to pursue national interests.   ransomware that could cripple an organisation operationally
        Malicious cyber activities attributed to the Chinese government   and financially, or through industrial espionage that could give
        targeted and continue to target various industries, including   a foreign business a competitive advantage in bidding for a
        healthcare, financial services, defence, energy government   state contract,” he explains.
        facilities, critical manufacturing, communications, education   Against this context, any organisation operating in South
        and other organisations.                               Africa must take every measure possible to invest in platforms
           It’s not just in the cyber crime realm that malicious   and tools that offer a holistic cyber security ecosystem that
        digital activity has been traced to Russia. The Africa Centre   consolidates all security products into an interconnected,
        for Strategic Studies revealed the country’s model of   constantly communicating platform that always learns and
        disinformation to gain political influence in Africa, including the   adapts to new threats.
        #IStandWithPutin and #IStandWithRussia campaigns in early   “Organisations operating on this geopolitical landscape
        2022, seen in South Africa, Ghana and Nigeria.         must make themselves more aware of the immense cyber
           Meanwhile, sizeable investments into South Africa’s critical   security risks and threat campaigns confronting them,”
        infrastructure were being made by both China and Russia   Bolzonello continues. “They must also insist on compliance
        during this same period – raising some red flags about their   with POPIA and GDPR and require any entities with which they
        potential access to our country’s vital systems.       interact in an operational capacity to subscribe to a similar or
           “There are so many positive outcomes and benefits that   better approach to cyber security.”


                                                  EngineerIT | October 2022 | 41
   38   39   40   41   42   43   44   45   46   47   48