In a startling development, fraudsters have leveraged artificial intelligence (AI) to impersonate the chairman of the African Union Commission, Moussa Faki Mahamat. This audacious cybercrime exposed vulnerabilities in the communication channels of the African Union (AU) leadership, as impostors successfully imitated Faki’s voice, conducted video calls with European leaders, and even organized meetings under pretenses.
The African Union Commission and its leadership
The African Union Commission (AUC) operates as the executive and administrative branch, serving as the secretariat of the African Union (AU). It is vital in coordinating AU activities and liaising with international partners, similar to the European Commission’s role within the European Union.
Moussa Faki Mahamat, as the chair of the AUC, frequently engages in formal communications with global leaders to arrange meetings, a process facilitated through a “note verbal.” These diplomatic notes are a standard procedure for scheduling meetings between the AU leadership and representatives of foreign countries or international organizations.
However, cybercriminals exploited this routine, utilizing AI tools to mimic Faki’s identity. They succeeded in making video calls to European capitals under the guise of arranging meetings. This impersonation, which extended to imitating Faki’s voice, raised alarms within the AUC and among European leaders.
Utilizing counterfeit email addresses
The cybercriminals employed counterfeit email addresses and impersonated the AUC’s deputy chief of staff to arrange calls between Faki and leaders of foreign countries. They even met with various European leaders, relying on deepfake video alterations to convincingly impersonate Faki.
The AUC responded to these incidents regretfully, emphasizing its commitment to using official diplomatic channels for communication with foreign governments, typically via their embassies in Addis Ababa, where the AU headquarters is located.
Deceptive emails and phishing
The AUC categorized these deceptive emails as “phishing,” suggesting that the perpetrators may have aimed to steal digital identities for unauthorized access to privileged information. This incident underscores the need for heightened cybersecurity measures to safeguard sensitive diplomatic communications.
Deepfakes on the rise in africa
Deepfake technology, exploited by cybercriminals in this incident, is increasingly gaining prominence in Africa. It is occasionally utilized by various entities to spread misinformation and propaganda across the continent. Deepfakes involve using AI tools to create highly convincing video or audio content of individuals saying or doing things they have not done.
Earlier this year, fabricated videos circulated on social media in Burkina Faso, urging citizens to support the military junta. These deceptive videos were created using Synthesia, an AI software for video generation. Similar videos emerged in Mali the previous year. In a notorious case in Gabon in 2018, a suspected deepfake video nearly led to the government’s downfall, as reported by Africa Defense Forum magazine (ADF).
Digitalization and cybersecurity challenges in Africa
While Africa’s e-economy is projected to contribute significantly to the overall economy, estimated at USD 180 billion by 2025, rapid digitalization also brings inherent threats. Cybercrime alone could potentially cost the continent as much as USD 4 billion annually, according to estimates reported on the Investment Monitor website.
While the AUC expressed regret over the cybercrime incident targeting Moussa Faki Mahamat, the organization did not provide specific details regarding the investigation and apprehension of the perpetrators. Furthermore, there was no mention of measures the AUC plans to implement to prevent future deepfake attacks or enhance cybersecurity within the organization.
The impersonation of Moussa Faki Mahamat, chairman of the African Union Commission, using AI-driven deepfake technology, highlights the evolving threat landscape in the digital age. This incident underscores the importance of robust cybersecurity measures and vigilant monitoring of communication channels for governments and international organizations.
As Africa’s digital economy grows, so do the challenges associated with cybersecurity and protecting sensitive diplomatic communications. Addressing these challenges is vital to ensuring the continued development of Africa’s e-economy while safeguarding against cyber threats that could have far-reaching consequences. The lessons learned from this incident may catalyze strengthening cybersecurity efforts in the region.
