by bobbybabylon 1692 days ago
One of the things I have never seen, is an original source that details the type of attack that was done on the African National Congress HQ in Ethiopia. The only original source I have ever seen is a short piece from (of course) Le Monde. I have never seen a CVE, much less a write-up of the attack.

We hear that the device was sending uploads to China in the middle of the night. But what type of uploads? And was it firmware based, or OS based? That whole Hussein-Addis affair just seems very suspect to me.


African Union, not African National Congress.

Having spoken to someone involved in the investigation, it really did happen but like anything this politically sensitive it was quickly hushed up to avoid making it more of a diplomatic incident. The AU had tried to prevent the news from leaking in the first place.

That's quite typical for espionage, where unless there's a desire to publicly burn a few bridges countries would rather have it handled quietly through regular diplomatic channels.

I have no idea why I typed ANC instead of AU. But I'm not going to lie, it [0] does read a lot like Western Propaganda. The Yellow Peril trope, the Magical China-Tech (the Supermicro Magic Chips), the early morning uploads to Shanghai (those Chinese are playing the long game!) etc.

Generally, trusting Western media on Africa reporting is never a good idea. But at the end of the day, this, and Snowden's revelations show - if you don't make it, then you don't own it.

The original news source was African, as I recall. As was the team I’m talking about that investigated the breach.

Do you have a source? I only recall the Le Monde [0] article. And what was the nature of the breach? You have something uploading to Shanghai for 5 years - and nobody noticed?

[0] https://www.lemonde.fr/afrique/article/2018/01/26/a-addis-ab...

Sorry, afraid not. Will try to find it again.

According to the person I spoke to on the team that responded, and helped set up the new replacement system and network, there had been warnings for years about the adoption of the system and the lack of any real monitoring, but those were ignored because it was considered politically sensitive to double-check on what the Chinese had provided.

It was a new member of staff who did their own experimentation without authorisation who found it and sent it up the chain, to the point where it couldn’t be ignored or hidden anymore. Mostly because that made the delegations aware of how terrible security was, whereas before it seems they’d assumed the organisation had that covered.

As I understood it China/Huawei offered to wire up the entire place for free and no other contractor was used.

There are 1000 different ways they could have done it.

I too would be interested in hearing more though.

Free stuff tends to end up rather expensive eventually...

Free software might be an exception, but free hardware equipment really sounds suspicious.

Why would firmware or OS be UPloading? OS and firmware updates come down. No need for a device to be pushing anything at all upstream, IMO.

I meant a firmware or OS vulnerability. It was claimed that the hack (whatever it was) was sending info to China in the middle of the night.