A fire on Sunday exposed illegal activity and suspicion of a large scale Chinese cyber-espionage scheme targeting Kenya's communication systems as well as its banking data and ATM machines, leading to 77 arrests, with IT security experts and government officials from both countries stepping into the investigations.
Seventy seven confirmed Chinese nationals have been arrested thus far, held under charges that include unlawful operation of radio equipment and living in the country without documentation. However, a police statement on Wednesday confirmed that the group appeared to be manufacturing ATM cards and might also be involved in internet fraud and money laundering, and by Thursday technical experts were called in to determine if cyber-espionage was a factor.
"We have roped in experts to tell us if they were committing crimes of espionage," said Ndegwa Muhoro, the head of criminal investigations for Kenya's police, said in a statement to the AP. "These people seem to have been brought here specifically for a mission which we are investigating."
Kenya's minister of foreign affairs and the minister of information communications and technology as well as the Chinese ambassador have all been looking at the issue, and according to news sources, China has also promised to send its own investigators to Kenya.
The criminal activity took place in a house rented by Chinese nationals in an upscale neighbourhood near the UN headquarters and the US embassy. The fire which resulted in its exposure is believed to have been started by a malfunctioning server, and the subsequent house raid revealed numerous servers, monitors and headsets, as well as high speed internet access.
“It interesting to note that this operation came about through an inadvertent fire and tragic death,” Adrian Culley, technical consultant at Damballa commented to SC. "It was not intelligence-led or pre-planned."
“Given the speed of the summoning of the Chinese ambassador to the Kenyan foreign ministry," Culley continued, "the close scrutiny currently being given to the passports of all 77 individuals arrested and the sheer scale of the enterprise, if the Chinese government did truly have no knowledge of this operation, it is at best a massive intelligence failure on their part."
“It will possibly be some time before the full scale of the Criminal/State operation that has been disrupted is uncovered. This appears to be a good day for victims of Chinese sponsored cyber crime.“