A report released by cybersecurity intelligence company, Recorded Future, indicates that Kenyan government agencies were among organisations targeted by suspected Chinese hackers.
According to the report, the group identifying itself as RedJulliett conducted the attacks between November 23 and April 2024.
Although RedJulliett mostly targeted Taiwan, over 24 government organisations were targeted across different countries.
Recorded Future indicated that Taiwan, Laos, Kenya, and Rwanda government institutions were among the targeted organisations.
Among targeted sectors include education, technology and diplomacy according to the report.
“It also hacked into websites of religious organisations in Hong Kong and South Korea, a US university and a Djiboutian university,” the report indicated.
A list of specific agencies which were compromised during the hacking was, however, not made public.
“RedJulliett accessed the servers of those places via a vulnerability in their SoftEther enterprise virtual private network (VPN) software, an open-source VPN that allows remote connections to an organisation's networks,” Recorded Future explained how the hacking was carried out.
Recorded Future did not reveal if crucial data was stolen by the suspected Chinese hackers.
“RedJulliett is likely based out of the city of Fuzhou in China's southern Fujian province whose coast faces Taiwan,” the cybersecurity intelligence company revealed.
This was not the first time the Chinese government was being accused of sponsoring attacks on Kenyan government agencies.
In May 2023, a report by Reuters indicated that Chinese hackers were targeting the Kenyan government due to the ballooning debt advanced by the Chinese government.
At the time, it was reported that the hackers succeeded in obtaining information on debt owed to Beijing by the Kenyan government.