Update April 12th 2021: We are happy to report 14 African and 16 Indo-Pacific countries and territories successfully signed up for our free daily network reports, taking us to 131 National CSIRTs covering 173 countries. We are still seeking additional contacts for the countries in the table below that are not yet shown in green. Please contact us if you can help.
We are pleased to announce that in February we received a grant from the UK’s Foreign, Commonwealth & Development Office to conduct a short surge. Its purpose is to improve the support we offer to Africa and the Indo-Pacific region.
Like many of the challenges to stability and prosperity, cyber threats do not respect borders. Extending our outreach and engagement activities to countries within Africa and the Indo-Pacific is another capacity building step in the long journey towards achieving regional cyber resilience. The target regions are home to some of the fastest growing economies in the world, with populations of billions, operating some of the mostly highly connected fixed and emerging 4/5G mobile networks, but can also suffer disproportionately from energy and digital poverty. The Shadowserver Foundation has a huge amount of data available to help network defenders and victims of cybercrime, that it shares for free with National CSIRTs and network owners every day, but it can be challenging for us to get that data to the people who can use it most effectively.
In recent weeks, we have redoubled our international outreach and development efforts to:
- contact countries that do not subscribe to our free daily network reports, and sign them up;
- expand our state-of-the-art global honeypot sensor network;
- add new Web Application and enhanced IoT attack detection capabilities;
- enhance malware and botnet sinkholing, focusing on regional malware threats;
- improve the volume and types of daily network reports provided for free through our reports to all National CSIRTs and network owners globally.
Despite the short time scales, with the FCDO’s generous support, the team has already achieved significant success. However, there are some specific areas in which we need the support of the community to help connect us with more organizations and countries in the target regions.
So, how can you help secure your part of the Internet? Do you need information on the latest cyber-threats, such as the current global Microsoft Exchange server compromises or the recent Emotet takedown?
Our four questions and actions for you:
- Do you have a national responsibility for networks in one of the countries listed below?
We want to hear from you.
- Do you operate a datacenter or provide hosting services in any country in Africa or the Indo-Pacific? Can you host sensors – either as a donation or a commercial purchase? If so, please make contact.
- Do you run a network in Africa or the Indo-Pacific regions? Sign up for our free reports on your IP space.
- Do you know people with connections in the region who could help us find them quickly? If so, we would love you to get in touch and help get the message out on Twitter or LinkedIn.
We are still missing contacts at the national level for these countries:
|CF||Central African Republic||NE||Niger|
|TD||Chad||CG||Republic of the Congo|
|GQ||Equatorial Guinea||SH||Saint Helena|
|ER||Eritrea||ST||Sao Tome and Principe|
|IO||British Indian Ocean Territory||NR||Nauru|
|CX||Christmas Island||NC||New Caledonia|
|CK||Cook Islands||NF||Norfolk Island|
|PF||French Polynesia||SB||Solomon Islands|
|MH||Marshall Islands||WF||Wallis and Futuna|
Shadowserver is seeking responsible bodies in each of the above countries which can receive our free daily network reports and assist in improving Internet security globally (countries shown in green were not already subscribed to our reports at the start of this surge).
For organizations for which introductory documents are beneficial, we have prepared two short briefings. The first is for National entities (such as CERTs and CSIRTs). The second is aimed at Network Operators (such as ISPs, big businesses, datacenter operators, health services, academia, etc.). These documents can be distributed to interested parties at TLP:WHTE. We have also previously published a threat spotlight on Africa, as well as blogs on support for CERT/CSIRTs and some of our honeypot sensor network activities (including an explainer video).
If you can help in other ways, please contact us. Perhaps you know of businesses in the region or have contacts with governments, academia, ISPs or other service providers which could benefit from our reports. As a non-profit organization, The Shadowserver Foundation does not charge for our public benefit services. Our only competitors are criminals and other threat actors who seek to benefit from the insecurity of online devices. Our goal is to ethically and responsibly share what we know – at no cost to the recipient – to help legitimate users better protect themselves and make the Internet safer for everyone.
We are grateful to everyone at organizations such as NRD Cyber Security, AfricaCERT, JPCERT/CC, APNIC, CERT NZ, ACSC, PacSON, EU Cyber4dev, Torchlight, Interpol and the United Nations who have so enthusiastically helped to make introductions for us already. Hopefully, there will be many more to come. We will report back on progress after the end of March, but we are excited to be able to start 2021 with such positive international activity. In the meantime, we look forward to hearing from our fantastic community. Please connect us and help us to provide improved, timely, actionable, free cyber threat intelligence support to as many additional target countries as possible.