macroafricaintel | Greenberg’s Sandworm & Africa Tech

By Rafiq Raji, PhD
Twitter: @DrRafiqRaji, @macroafrica

In January, about three weeks into the New Year, the internet suddenly slowed one beautiful morning across West Africa. It is not an exaggeration. If you were not tech-savvy, patient and rational, you probably entertained the oft-misguided thought that the “village people” were likely at it again. A lot of African problems do not get solved because of this irrationality. True, you probably heard sounds of glee in that part of the wilderness of your brain you reserve for such fables. If your left brain (or “digital brain”) did not come to the rescue on time, then your day was probably ruined before it even started. Most work these days rely on the internet.

Thankfully, news filtered in soon enough that our internet troubles were as a result of cuts to the West African submarine cable system. My superstitious kinsmen probably have an explanation for how that happened. I could almost imagine one boisterous type spinning a colourful yarn about the mythic African mermaid “mammy water” being displeased about something. It certainly makes for a good bedtime story. Still, a cable was cut, and the internet slowed.

First principles
One pleasant Saturday morning in late April 2007, Toomas Hendrik Ilves, then president of Estonia, similarly woke up to a much more serious internet mishap. The internet was down. According to Andy Greenberg in his 2019 book “Sandworm: A new era of cyberwar and the hunt for the Kremlin’s most dangerous hackers”, a wonderful and instructive read if your life and work, like almost everyone’s today, depends on the internet and technology, Mr Ilves “assumed it must be a problem with the connection at his remote farmhouse, surrounded by acres of rolling hills.” (His mind did not first tilt towards the “people in the village”, at least.) Ironically, the president had been forced to his farmhouse for security reasons due to violence in Tallinn, the Estonian capital city. Clearly, his security services did not think – and probably couldn’t – to protect him from the potential mischief of the internet.

Greenberg gives a good account of Ilves’ immediate experience after his likely unconcious yawn in the aftermath of probably little sleep. The president had stuff on his mind. There were “escalating riots” in his capital city and he was ensconced in his farmhouse. “So the first thing he did upon waking up…was to open his MacBook Pro and visit the website for Estonia’s main newspaper, Postimees, looking for an update on the riots and Russia’s calls for his government’s ouster. But the news site mysteriously failed to load. His browser’s request timed out and left him with an error message.”

“Was it his computer’s Wi-Fi card? Or his router? But no, he quickly discovered that the British Financial Times loaded just fine.” The internet was working just fine, I guess. The problem was not his connection. “Somehow a significant fraction of Estonia’s entire domestic web was crippled.” It was a cyber attack. I do not want to go into detail about how they finally fixed the problem – you’d have to read the book for that pleasure. Suffice to say, they did it the old-fashioned way. They blocked “every web connection from outside Estonia.” Thereafter, they began the painstaking task of restoring sanity to the domestic web.

Some disadvantages are advantages
Bear in mind, Estonia is renowned for how it has been able to use technology to improve the lives of its citizens. Estonians can vote with their mobile phones or computers from the comfort of their living rooms or anywhere else they may be. And almost all Estonian public services can be accessed via the internet. And all it took was a cyber attack to bring it all down. For a brief while, at least. You would probably not be surprised if one were forced to wonder about the African scenario. Incidentally, Greenberg gives an account of another incident in which Africa’s still relative technological backwardness – in some respect at least – managed to save the day.

In late June 2017, employees at the Copenhagen headquaters of A.P. Moller-Maersk, the world’s largest shipping conglomerate, suddenly found they could not use their computers. Their “computers were irreversibly locked.” A malicious software had infected the company’s entire global network. And all efforts to fix the problem proved abortive. To fix the problem, they resorted to first principles as well and disconnected the entire global network; a task that took “more than two panicky hours.” To bring the network back on line, Maersk needed at least one server, a so-called “domain controller”, which functions “as a detailed map of Maersk’s systems”. But since all the domain controllers had been “wiped simultaneously” – so they thought at least – a recovery was literally impossible. Put simply, in Greenberg’s account of a Maersk IT staffer, if they couldn’t recover the domain controllers, they couldn’t recover anything. Maersk was in for a pleasant surprise. Just before the cyber attack, there was a power failure in its office in Ghana. A domain controller there escaped unscathed. Let us just say, Ghana saved the day.

Backup, backup, backup
There are many lessons for African firms and governments from these incidents. Do African governments have measures in place in the event of an internet shutdown, for instance? As the foregoing shows, an internet mishap could be because a submarine cable was cut, a malware was put into the system by mischief-makers, and so on. It is probably needless to belabour how the incidents are likely to occur. What matters is how individuals, firms and governments manage the crisis when it occurs.

During the West African submarine cable incident, since only one major service provider seemed majorly affected, individuals with multiple internet subscriptions were able to get by. And as the Estonian and Maersk examples show, it would be quite helpful if a firm or government has a standalone and offline backup system analogous to a standby generator for when public power fails. For individuals, keep hard copies of important documents, subscribe to more than one internet service provider, and so on. And if you are active on social media, try your utmost to spread your activity on multiple platforms. For all it takes for you to suddenly be in ‘analog lala land’ is a sudden change in the terms of a service agreement by an internet platform, a cyber attack on your tech infrastructure (individual, firm or country), or a submarine cable incident.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.