The headquarters of the African Union in Ethiopia, built by Chinese firms, was reportedly compromised for five years by computers and network appliances uploading sensitive data to China-based systems. Despite China’s denial of any espionage through the technology supply chain, the security of the pan-African organization was compromised.
Recent supply-chain breaches have highlighted the risks associated with reliance on foreign technological supply chains. While China was initially considered a less constrained option compared to US and European alternatives, the incident at the African Union has led African nations to reassess the security of all their supply chains, across applications, consumer devices, infrastructure, and service providers. A report from the Africa Center for Strategic Studies emphasized the need for a thorough evaluation of supply chain security.
Nate Allen, an associate professor at the Africa Center for Strategic Studies, pointed out the growing African interest in fostering a more robust technology industry and exerting ownership and agency over various aspects of the technology sector. The need for African nations to have more control over their technology supply chains has become increasingly apparent.
Supply-chain security is a global concern, as evidenced by incidents like the WannaCry and NotPetya worms, the SolarWinds compromise, and IT supply-chain failures. The US government has expressed apprehension over the reliance of US maritime ports on Chinese equipment and investment. Similarly, African nations are wary of information technology supplied by foreign countries such as China, Russia, the US, and Europe.
Mark Walker, vice president of data and analytics for the Middle East, Turkey, and Africa at IDC South Africa, highlighted the importance of developing local software and technology skills within African populations to reduce reliance on global players. The efforts of African nations to lessen their dependence on foreign technology suppliers are still in the early stages, with China and the US currently dominating the technology market in Africa.
As African nations strive to assert agency over their technology supply chains, fostering diversity and competition within the tech sector is crucial. The domestic technology sector in Africa continues to grow, offering insight into specific country needs and opportunities for African governments to mitigate vulnerabilities from external influence.
The future of technology supply chains in Africa will depend on how companies address cybersecurity concerns and provide relevant technologies and services at fair prices with local support structures. Security issues vary across regions in Africa, highlighting the need for a nuanced understanding of local market dynamics and regulatory environments.
Incidents like Chinese hackers targeting Kenyan officials and state-sponsored groups engaging in cyber espionage underscore the importance of securing technology supply chains in Africa. African officials have also emphasized the need to protect open-source software (OSS) supply chains to prevent malicious attacks. Companies operating in African markets must prioritize security measures to mitigate the risks associated with foreign technology products.
In conclusion, the evolving landscape of technology supply chains in Africa necessitates a strategic approach to enhancing cybersecurity, promoting local skills development, and reducing reliance on external actors. African nations are recognizing the importance of safeguarding their technology infrastructure and asserting greater control over their tech ecosystems to ensure resilience and security in the face of global threats.