Cyber mercenaries: Inside the shadowy world of the silent warriors
The activities of Cyber Mercenaries are becoming an increasing threat to peace and security in South Africa and the rest of the African Continent. They are willing to fight a Cyber War for anyone who is prepared to pay for their highly specialised services, including: Denial of Service Attacks, Surveillance, Espionage, Malware 'kits', Hacking, Social Engineering, Information Gathering, Spam/Scam Distribution, Social Media Bots, The Sale of Stolen Information; and the Generation of Deep-Fakes. BizNews gets taken into their world by Noelle Van der Waag-Cowling, the Cyber Programme Lead at the Security Institute for Governance and Leadership in Africa (SIGLA) at Stellenbosch University. She talks about their capabilities, their clients, their motives, their modus operandi – and shares details of some of the damage they have inflicted already. "Any type of cyber activity that you'd like to execute can be at your fingertips if your money is right," she says. – Chris Steyn
Sign up for your early morning brew of the BizNews Insider to keep you up to speed with the content that matters. The newsletter will land in your inbox at 5:30am weekdays. Register here.
Watch here
Relevant timestamps from the interview
- 00:00 – Introductions
- 00:26 – Noelle Van der Waag-Cowling on what cyber mercenaries
- 05:26 – Van der Waag-Cowling on the main clients of cyber mercenaries
- 06:55 – On the dangerous capabilities of cyber mercenaries
- 09:44 – On how seriously cyber security is taken
- 12:45 – On cyber attacks in South Africa
- 14:54 – On extreme examples of cyber attacks in Africa
- 17:42 – On measures that can be taken to prevent cyber meddling in the 2024 election in South Africa
- 22:07 – On the Bell Pottinger case
- 24:55 – Concludes
Listen here
Highlights from the interview
The activities of Cyber Mercenaries are becoming an increasing threat to peace and security in South Africa and the rest of the African Continent.
They are willing to fight a Cyber War for anyone who is prepared to pay for their highly specialised services, including: Denial of Service Attacks, Surveillance, Espionage, Malware 'kits', Hacking, Social Engineering, Information Gathering, Spam/Scam Distribution, Social Media Bots, The Sale of Stolen Information; and the Generation of Deep-Fakes.
BizNews gets taken into their shadowy world by Noelle Van der Waag-Cowling, the Cyber Programme Lead at the Security Institute for Governance and Leadership in Africa (SIGLA) at Stellenbosch University.
She talks about their capabilities, their clients, their motives, their modus operandi – and shares details of some of the damage they have inflicted already.
"The first problem is that there's almost zero visibility of who these actors are.
"But we talk about Offensive Cyber Threat Proliferation. And this is squarely where these actors fit in.
"So, in some cases, in many cases in fact, these mercenaries wouldn't necessarily classify themselves as being mercenaries. You will get a consulting firm that's a little bit…on the edge and offers services to government, digital services, for example. And very often these are staffed by ex-intelligence, ex-military people…
"Now what happens is they'll provide services to governments, intelligence services…but where the problem often comes in then is when mission creep begins and the firm that's assisting a government, their brief gets bigger and bigger We've seen case studies of this…where it moves from being consulting to actually taking part in operations."
Another type of Cyber Mercenary is the Shadow Cyber Weapons Broker or Cyber Surveillance Broker.
"Very, very difficult to monitor and understand because at the end of the day, the shipping of armaments is one thing, but cyber weapons are code. And that code, obviously software code, can very easily be pushed out over a cloud to the other side of the world."
In addition to those Cyber Mercenaries, there is "a whole bunch of bad actors", including "normal" cyber criminal groups who can also then sell their services to a state that wants to do something to another state. And by doing so, it's easy to avoid attribution as a state actor because it's done through this third party."
Van der Waag-Cowling says that when one looks at the strategic area where Cyber Mercenaries operate, it would be either for a state or an insurgent grouping "or something like that".
At their most dangerous, they have the capabilities to "bring down the entire communications network of the country, or the national payment system through which all money flows."
But they could be capable of even worse. "And so if you're looking at what could be things that go really, really wrong…some countries worry about a nuclear… cyber convergence, for example; cyber attackers get into a nuclear power station, actually able to cross that threshold and have what we call kinetic effects. So, starting to have some type of effect that could actually cause nuclear damage or physical damage to the nuclear power station."
However, very prevalent now are "hybrid" type operations "where you meddle in another state on an ongoing basis".
That would include "a mixture of vectors such as consistent disinformation campaigns, some cyber disruption, various cognitive types of campaigns and potentially supporting an insurgency here or a populist movement there that you can see is going to be physically disruptive. So a whole little mix of things, but very hard to attribute to whoever's actually pushing out those campaigns."
Van der Waag-Cowling stresses that the world of Cyber Mercenaries is difficult to understand and comprehend. "What I can say is that the danger is that they have meant that any type of cyber activity that you'd like to execute can be at your fingertips if your money is right."
Read also: