China Gifts the African Union a 21st Century Trojan Horse

China’s intelligence community demonstrated its appetite for high-risk espionage operations—and evidenced it had “cojones” at least as large as Chicago’s Millennium Park’s egg—when it built the African Union (AU) headquarters in Addis Ababa, Ethiopia. It turns out the Chinese gift was a 21st century Trojan Horse, according to the French daily newspaper, Le Monde.

The Chinese not only funded the building, but also all of its IT infrastructure. Although the building was built in 2012, the extent of China’s gutsy economic espionage caper wasn’t uncovered until 2017—the servers supporting the building were surreptitiously being backed up in Shanghai, according to Le Monde.  The PRC government has denied any wrongdoing, according to the Morocco News, with the Chinese ambassador to the AU noting the claims were a “sensational story, but also completely false and nonsense.”

Unraveling the Chinese Trojan Horse Infrastructure

The AU’s IT team, which is described as small, is being credited with the discovery, when its members noticed a high level of activity on the network from midnight to 2 a.m., when the network should have had minimal activity. An investigation showed that each night, the data from the AU headquarters in Addis Ababa was being sent to Shanghai. This data transfer allegedly was occurring every day for approximately five years.

An ensuing technology sweep of the entire building uncovered covert listening devices in multiple offices and conference rooms, according to the Le Monde article.

The Backstory

In 2012, China laid down its marker to the countries of Africa that their economies were important to China when the company stepped forward and built the new AU headquarters on what was once Ethiopia’s oldest maximum-security prison, according to Reuters. The leaders of Africa were tickled pink that the $200 million, 100-meter-tall building was being paid in full by China. At that time, China and African nations’ level of trade had exceeded $150 billion. African leaders at the time were quoted as saying, “They aren’t being manipulated by China.”

Fast forward a few years to 2015, when The Guardian shone the light on the level of economic espionage in Africa, calling Africa “the El Dorado of espionage.” Little did The Guardian know that its 2015 piece, which highlighted the activities of many nation states within Africa, showed that China was investing heavily in economic espionage. The piece specifically mentioned China’s 2007 success at moving its nuclear program ahead by allegedly pilfering data (both physically and technologically) from the South African Pebble Bed Modular Reactor. The 2009 South African National Intelligence Agency report, which The Guardian quoted, identified deficiencies in the South African government’s IT infrastructure and the activities of nation states in the economic espionage arena.

Bugging Buildings and Airplanes

Bugging buildings—or any large entity being provided to a country’s leader or representatives—is not new. In the 1980s, the Russians successfully bugged the new U.S. Embassy. Interestingly, in 1990 when the USSR transitioned to Russia, the United States was gifted a schematic showing the Russian bugs within the entire infrastructure. Skeptical at being hoodwinked, the United States opted to tear down the top two floors and completely rebuild these floors using U.S. materials and personnel. Then in 2002, the jet manufactured by Boeing for China’s premier allegedly had been wired for sound with multiple listening devices that eventually were discovered by the Chinese, according to the Chicago Tribune. It’s what intelligence organizations do: They take advantage of an opportunity to enhance their intelligence collection. China does it as well as any nation.

Pan-African Summit

The pan-African summit, being held Jan. 28-30, is taking place in the headquarters of the African Union. AU members have already suggested, on the tails of the Le Monde piece, that cybersecurity will find its way onto the agenda. Let us hope that those rooms where sensitive discussions are taking place were both physically and technologically secured. As we know, China hasn’t taken its foot off the gas, and its capacity for being audacious and taking the long-term perspective in the world of economic espionage has been evidenced by their Addis Abba success.

Featured eBook
7 Reasons Why CISOs Should Care About DevSecOps

7 Reasons Why CISOs Should Care About DevSecOps

DevOps is no longer an experimental phenomenon or bleeding edge way of delivering software. It’s now accepted as a gold standard for delivering software. It’s time for CISOs to stop fearing DevOps and start recognizing that by embedding security into the process they’re setting themselves up for huge potential upsides. Download this eBook to learn ... Read More
Security Boulevard

Christopher Burgess

Christopher Burgess (@burgessct) is a writer, speaker and commentator on security issues. He is a former Senior Security Advisor to Cisco and served 30+ years within the CIA which awarded him the Distinguished Career Intelligence Medal upon his retirement. Christopher co-authored the book, “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century”. He also founded the non-profit: Senior Online Safety.

burgesschristopher has 87 posts and counting.See all posts by burgesschristopher

2 thoughts on “China Gifts the African Union a 21st Century Trojan Horse

Comments are closed.