In addition to money, which remains the main motivation of cyberattackers, another motivation has gradually emerged since the beginning of the 21st century: hacktivism. In this context, cyberattacks are perpetrated for the purpose of activism.
This trend has been clearly manifested through recent cyberattacks that have affected government sites. “We don’t work for the money (…). We work for justice”said Mysterious Team Bangladesh.
Mysterious Team Bangladesh?
According to our research, MTB, also known as ” bangladeshi cyber warriors would be a Bangladeshi politico-religious hacktivist group. In early May 2023, he claimed responsibility for several cyberattacks, including some in Ethiopia. According to them, these attacks are motivated by accusations of supporting Jews, Israel and the torture of Muslim women in this country located on the Horn of Africa. Mysterious Team Bangladesh is also responsible for the cyberattacks perpetrated against Israel, claiming to act in solidarity with the Palestinian people.
On May 29, at the time of writing this article, in France, the site of La Poste was the target of a cyberattack, resulting in a temporary disruption of its services. This attack was claimed by Mysterious Team Bangladesh, the same group responsible for the cyberattacks directed against Senegal.
But that was to be expected…
On March 5, 2021, the collective Anonymous had indeed warned the regime in place following the restrictions on Internet access observed in the country during the “events of March”, marked by waves of uprising.
It is probably this warning against Senegal that has led some people to believe that Anonymous was behind the cyberattacks suffered by the country since Friday, May 26, 2023. However, it is certain that the collective has never officially claimed these attacks. Anonymous is often associated with even more serious cyberattacks. But due to its decentralized operation, presumably to avoid being dismantled, anyone can claim to be part of Anonymous.
Recall that Anonymous is a hacker collective created around 2003. It is considered one of the ten most famous hacker collectives of all time by the cybersecurity giant Kaspersky. He is known for his involvement in numerous cyberattacks around the world. In 2022, the collective had declared a cyberwar against Russia after its invasion of Ukraine.
The beginnings of the cyberattack
On May 22, 2023, around 8 p.m., on Twitter, an almost unnoticed poll was launched by Mysterious Team Bangladesh in preparation for its attacks. Of the 134 voters, 90% were in favor of the operation, while 10% were against it. Finally, on May 24, at the same time, following the survey, the group announced that it would soon launch an operation in Senegalese cyberspace. At this point, the dice were cast.
The start of hostilities
On Friday, May 26, around 8 p.m., the “#OpSN” operation was launched, triggering a DDoS type attack – distributed denial of service – massively directed against around twenty government sites. However, the attackers clearly had a hard time taking all the sites offline, as some became accessible again minutes later. To catch up, around 11 p.m., one of their members launched a call on Twitter, asking for reinforcements: “ Join the DDoS attack, together we can make a difference “. And a few minutes later, around twenty gov.sn sites had become inaccessible.
On Saturday 27, the government, through its spokesman Abdou Karim FOFANA, confirmed the attack. “After verification, this is a DDoS attack,” he said.
On May 29, it was Groupe Futur Média’s turn to suffer the onslaught of the Mysterious Team. The Igfm and obs sites were taken offline mid-morning. They are accused of having published false information on the situation in the country. The same facts were also reproached to the newspaper LeQuotidien, whose site remained unavailable for more than 2 hours on May 30, shortly before 7 a.m. The attack was still of the DDoS type.
What exactly is a DDoS attack?
A denial of service (DDoS) attack manifests itself in different forms and aims to make a website or computer resource unavailable by overwhelming it with traffic. In order to carry out this type of cyberattack, hackers start by infecting devices without the knowledge of their owners, such as computers or connected objects (IoT). These infected devices are then enabled to send a high volume of malicious traffic aimed at, for example, overloading a site’s bandwidth and taking it offline. This network of “zombified” devices enlisted in a DDoS attack is called a botnet.
Although distributed denial of service (DDoS) attacks are common, they are not the most dreadful cyberattacks. In fact, they are not even considered complex to set up. Because it is possible today to buy or rent a botnet ready to go for less than $20 on the dark weballowing anyone, even without special technical skills, to carry out DDoS attacks.
More devastating attacks, such as ransomware, are of much greater concern. A prominent example is the attack that hit the ARTP in October 2022. These attacks have a much more significant impact and can cause considerable damage.
Indeed, during an attack of the type ransomware, the hacker targets the victim’s files and encrypts them, or exploits security holes to crash computer systems. Then, he demands the payment of a ransom within a fixed period of time, in exchange for a decryption key. During the attack on the ARTP, the group Karakurt reportedly demanded a ransom of $70,000 or the 102GB of data stolen from them would be disclosed. A few days later, the hackers carried out their threat by publishing all the data in free access on their site dark web Karanews.
The largest known ransom demand to date is $70 million. This pharaonic amount was claimed from Kaseyaan American computer company, after its computer system was crippled by the REvil ransomware. This attack had repercussions on nearly 1,500 companies around the world. In light of the above, it is clear that Senegal will be no exception.
Altogether
It is crucial for the state to give greater priority to cybersecurity. The legal framework does not pose a problem, because Senegal, true to its habits, has adhered to almost all the conventions in the field of cybercrime and cybersecurity, in particular the Budapest and Malabo conventions.
Since 2008, Senegal has had its own law on cybercrime, which was later integrated into the penal code. At the same time, a National Cybersecurity Strategy was developed in 2017, with a vision for 2022. Recently, the President of the Republic expressed the need to update this strategy in order to strengthen Senegal’s digital sovereignty.
In our opinion, there is an urgent need to strengthen the human and technical resources of structures such as the DCSSI — Directorate General for Numbers and Information Systems Security. In accordance with article 2 of its creation decree no. 2021-35, this entity is responsible for implementing the information systems security and defense policy. This reinforcement would make it possible to better deal with all the forms of cyberattacks that Senegal could face. Indeed, more sophisticated cyberattacks in the future could target more critical infrastructure in the country rather than just websites.
Mamadou Lamine Niang DIA, lawyer specializing in digital law and author of a Master’s thesis on cybercrime defended in 2021 at Alioune Diop University in Bambey.