According to a recent report from cybersecurity intelligence firm Recorded Future, government entities in Kenya were targeted by Chinese hackers known as RedJulliett. The attacks occurred between November 2023 and April 2024, affecting over 24 government agencies globally, including those in Kenya and Rwanda.

RedJulliett focused its attacks on sectors such as government, education, technology, and diplomacy. They also targeted websites of religious organizations in Hong Kong and South Korea, as well as universities in the United States and Djibouti. The hackers exploited vulnerabilities in SoftEther enterprise VPN software, using techniques like SQL injection and directory traversal against web and SQL applications.

While it remains unclear if the hackers successfully breached these organizations, Recorded Future observed their attempts to exploit vulnerabilities. This incident is not the first involving Chinese hackers targeting Kenya; Reuters previously reported attempts in May 2023 to access sensitive information from Kenya’s finance ministry, president’s office, and intelligence agency regarding the country’s debts to China.

Kenya is receiving assistance in cybersecurity from various tech companies, including Google and Microsoft, who committed to digital investments and collaborative efforts, including cybersecurity support, as of May 2024.