Last June, Senegal's Telecommunications and Posts Regulatory Authority (ARTP) suffered a cyber attack. The attack was claimed by the hacker group Karakut.
The hackers claimed to have stolen more than 140 GB of sensitive data from ARTP. These are outlook files which may contain : the body of messages or Word, Powerpoint, Excel and PDF documents. Unlike several other cyber attack groups, the Karakut group didn’t use a ransomware. It used the APT (Advanced Persistent Threat) technique to remain invisible for a long time in order to get hold of sensitive information. The group therefore focuses on data exfiltration and not on disabling the system.
It was about 4 months after the cyber attack that the hackers started to release 4% of the stolen data. Following this, the Karakut group threatened the ARTP with the release of the rest of the data on 24 October, but we have no information yet about this new data leak.
Resilient cybersecurity is becoming an important prerequisite to ensure market integrity. In Africa, this remains a significant challenge, with many organizations still unprepared for cyberattacks. The latest Global Cybersecurity Index reported that only 23 African countries had a national cybersecurity strategy.