Thursday, October 17, 2024

How safe are our ATMs here?Anew variant of the FASTCash malware, previously known to target Windows and AIX systems, has now been identified targeting Linux-based payment switches.


FASTCash, first documented by U.S. CISA in 2018, has been linked to a series of ATM cashout schemes targeting banks in Africa and Asia since at least 2016, and has been developed by the notorious North Korean state-backed hacking group known as Lazarus (aka Hidden Cobra).

The malware operates by compromising payment switch servers, which are crucial components of a bank’s infrastructure responsible for processing card transactions. These systems handle the flow of transaction data between acquirers (the banks that enable merchants to accept payments), issuers (the banks that provide cards), and card networks like Visa and Mastercard. By targeting these payment switch servers, the malware disrupts the entire transaction process, making financial institutions vulnerable to fraud.

FASTCash for Linux uses Ubuntu Linux 22.04 (Focal Fossa), C++ programming language, AES-128 CBC encryption, and a hardcoded key to protect the configuration file.

A researcher, using the handle HaxRob, discovered two new samples of FASTCash for Linux switches in June 2023, one compiled for Ubuntu Linux 20.04 and likely developed after April 21, 2022, and the other likely not used. As of Sunday, only four anti-malware engines detected each sample.

HaxRob explains that the malware is present in the userspace of an interbank switch. When a compromised card is used for fraudulent translation, FASTCash manipulates messages received from issuers, causing transaction messages for denies to be converted to approvals.

The Linux variant of FASTCash is disguised as a shared object file named “libMyFc.so.” It specifically targets ISO 8583 messages – the standard format for communication within payment networks, intercepting declined transaction messages, typically triggered by insufficient funds, for a predetermined list of cardholder accounts. 

It then manipulates these messages, authorizing them for a random withdrawal amount in Turkish Lira, ranging from 12,000 to 30,000 Lira ($350 to $875). This modus operandi mirrors a Windows variant of FASTCash identified by the Cybersecurity and Infrastructure Security Agency (CISA) in September 2020.

For targeted transactions, the malware modifies the authorization response message by:

  • Removing specific data elements to avoid detection.
  • Overwriting the processing code to indicate approval.
  • Adding a random amount of Turkish Lira to the transaction amount.
North Korean Hackers Deploy Linux FASTCash Malware for ATM Cashouts
Attack flow chart

This expansion highlights the increasing sophistication and persistence of North Korean cyberattacks aimed at financial institutions and the need for enhanced security measures in payment switch systems.

Organizations should implement robust detection capabilities, regularly update software, configure security controls, patch and update systems, implement strong network security, conduct regular audits, and educate staff on phishing and social engineering risks to stay protected.

The US DoJ indicts two Sudanese nationals allegedly behind Anonymous Sudan for over 35,000 DDoS attacks targeting critical infrastructure, hospitals, and major tech firms.

 The FBI seized a powerful DDoS tool; victims include the DOJ, Microsoft, and Cedars-Sinai.The United States Department of Justice (DoJ) has indicted two Sudanese nationals for their alleged role in operating the hacktivist group Anonymous Sudan. The group claimed fame for conducting “tens of thousands” of large-scale and crippling Distributed Denial of Service attacks (DDoS attacks) targeting critical infrastructure, corporate networks, and government agencies globally.The Alleged Masterminds Behind the Attacks are:Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, stand accused of conspiracy to damage protected computers. Ahmed Salah faces additional charges for damaging protected computers.The duo is believed to have controlled Anonymous Sudan, which, since early 2023, launched attacks on high-profile entities such as ChatGPT, UAE’s Flydubai Airline, London Internet Exchange, Microsoft, and the Israeli BAZAN Group.The group and its clients also utilized the Distributed Cloud Attack Tool (DCAT) to conduct over 35,000 DDoS attacks. These attacks targeted sensitive government and critical infrastructure in the U.S. and globally, including the Department of Justice, Department of Defense, FBI, State Department, and Cedars-Sinai Medical Center in Los Angeles.The attacks, which sometimes lasted days, reportedly caused major damage, often crippling websites and networks. For instance, the attack on Cedars-Sinai Medical Center forced the redirection of incoming patients for eight hours, causing over $10 million in damages to U.S. victims.FBI Seized Anonymous Sudan’s DDoS ToolFor your information, DCAT refers to a type of malicious tool or framework that exploits cloud resources across multiple geographic locations to execute cyberattacks. These tools often take advantage of the scalability, distribution, and on-demand nature of cloud services to create strong attack infrastructures.According to the DoJ’s press release, in March 2024, the U.S. Attorney’s Office and the FBI, acting on court-authorized seizure warrants, successfully disabled and seized Anonymous Sudan’s “powerful DDoS tool.” This tool, which the group allegedly used to execute attacks and sold as a service to other criminals, was the base of their operations.The March 2024 operation, which disrupted the DCAT tool (also known as “Godzilla,” “Skynet,” and “InfraShutdown”), involved seizing key components, including servers that launched and controlled attacks and those that relayed commands. The warrants also covered accounts containing the source code for the DDoS tools.“Anonymous Sudan sought to maximize havoc and destruction against governments and businesses around the world,” stated United States Attorney Martin Estrada. He emphasized the group’s callousness, noting attacks on hospitals providing emergency care. “We are committed to safeguarding our nation’s infrastructure and holding cybercriminals accountable,” he added.Operation PowerOFFThese actions are part of Operation PowerOFF, an international effort to dismantle DDoS-for-hire infrastructures active since 2018. Private sector entities like Akamai SIRT, Amazon Web Services, Cloudflare, and Microsoft have played a key role in the takedown since.Akamai SIRT expressed gratitude to the FBI, DOJ, and the Big Pipes working group for their commitment to prioritizing DDoS investigations and disrupting these operations.“Akamai would like to thank the members of the Federal Bureau of Investigation (FBI), the DOJ, and the Big Pipes working group for their commitment to prioritizing DDoS investigations, as well as their investment of time and energy into unravelling these operations and attempting to disrupt them,” the company said.

Wednesday, October 16, 2024

UK boosts support for ATMIS with 7.5M Pounds.

 


The United Kingdom has provided a further £7.5 million to the African Union Transition Mission in Somalia (ATMIS). This latest round of funding builds on earlier contributions and increases the total amount of financial support from the United Kingdom to both ATMIS and AMISOM since 2021 to £77 million. ATMIS plays a vital role in Somalia’s security, protecting key areas including population centres, supply routes and infrastructure. It continues to support the Somali National Army in joint operations, facilitating humanitarian aid, and safeguarding political processes including elections. 


UK funds have enabled ATMIS to improve Somalia’s security by combatting al-Shabaab and reducing the group’s influence. ATMIS troops also provide protection for Somali civilians as they work to ensure a more stable and secure Somalia to the benefit of its people and the region. The new funding will fund military stipends for troops from the five troop-contributing countries (Burundi, Djibouti, Ethiopia, Kenya and Uganda), and will help ATMIS to complete its mandate of a phased handover of security responsibilities to the Somali Security Forces. The activities of ATMIS are crucial to Somalia’s journey towards security and stability, but these require consistent international support.


British Ambassador to Somalia, Mike Nithavrianakis, said of the new funding:


The UK is a close and longstanding partner of Somalia and a leading donor to ATMIS. By supporting ATMIS, we are not only investing in Somalia’s security today but also in its stability and prosperity tomorrow. I encourage traditional and non-traditional partners to financially support the successor mission to ATMIS to ensure a secure and stable future for all Somalis and the region.


Somalia’s Defence Minister, Abdikadir Mohamed Nur, welcomed UK support, noting:


This funding is critical in supporting the efforts of ATMIS and Somali security forces. We appreciate the UK’s continued partnership in rebuilding a safer and secure Somalia. The continued support of our partners will remain vital as we work towards a sustainable security environment in our country.


The African Union (AU) Commissioner for Political Affairs, Peace and Security (PAPS), H.E. Ambassador Bankole Adeoye also expressed gratitude for the UK’s contribution and emphasised the importance of continued international support:


I wish to sincerely thank the British Embassy for its continued support to the AU and for this generous and timely £7.5 million contribution to ATMIS. We urge other partners to follow the UK’s example and invest in Somalia’s security to ensure lasting peace and stability in Somalia and the wider region.


This latest contribution reinforces the UK’s continued commitment to Somalia’s security and stability for a safer and more prosperous future, while also ensuring regional stability.

UN Security Council Resolution (2748) adopted on 16 August 2024 authorises African Union Member States to continue to deploy up to 12,626 uniformed personnel - inclusive of 1,040 police personnel, to ATMIS until 31 December 2024.

Tuesday, October 15, 2024

Nyamulagira getting to eruption


 Proffessor Charles Balagizi, scientific director of the OVG, specified that "the eruption consists of an overflow of lava from its crater, these lavas flow on the northern, western and southwestern flanks."


He added that the latest satellite images show three lava flows forming, the most advanced having already traveled about 7 km.


"Since , around October 13, 2024 at around 22:00 local time, a glow has been observed at Nyamulagira, a consequence of this eruptive activity in the crater which is spreading on its flanks," said Professor Balagizi.


This eruption comes as OVG agents threaten to resume a total strike if the military governor of North Kivu does not respect the commitments made during a recent meeting. Some agents, who had agreed to provide a minimum service, express their concerns about the situation.


The population of Goma remains marked by the eruption of Nyiragongo in May 2021, which caused 32 deaths and destroyed several hundred homes. This eruption coincides with the International Day for Disaster Risk Reduction, highlighting the urgency of proactive management of natural disasters in the region.

Sunday, October 13, 2024

Rwanda and DRC agree on a harmonized plan to neutralize the FDLR

 DRC and Rwanda reached an agreement on Saturday, October 12, on the activities and responsibilities contained in the harmonized plan for the neutralization of the Democratic Forces for the Liberation of Rwanda (FDLR) and the disengagement of forces.


This agreement is the result of the ministerial meeting between the two countries, facilitated by Angola, which took place on Saturday in Luanda, (Angola). This agreement also provides for the lifting of Rwanda's defense measures, specifies a press release from the Congolese Ministry of Foreign Affairs.


 


To this end, the parties have mandated experts to draw up a detailed plan for the implementation of the Harmonized Plan, the report of which will have to be analyzed at the next ministerial meeting to be held on a date to be agreed, adds the same source.


During the meeting, the ministers reviewed the latest events since their last ministerial session on September 14, 2024, and urged the parties to the conflict to respect the ceasefire of August 4 this year.


Finally, the ministers also agreed to continue working on the pending security issues contained in the draft peace agreement proposed by the facilitator, Angolan President João Lourenço, Angop reports.  


Rwanda, whose armed forces are present in the DRC in support of the M23 rebels, "  makes its withdrawal from Congolese soil conditional on the neutralization of the FDLR  ," the head of Congolese diplomacy revealed to the UN Security Council in New York on October 8.


This agreement reached on the harmonized plan for the neutralization of the FDLR and disengagement of forces is an important step in the peace process between the two countries. 


The Congolese delegation at this meeting was led by Therese Kayikwamba Wagner, Minister of State for Foreign Affairs, International Cooperation and Francophonie. The Rwandan side was led by its Minister of Foreign Affairs and International Cooperation, Olivier Nduhungirehe. The mediation was represented by Tète António, Angolan Minister of External Relations.


The DRC and Rwanda have been in dialogue for several months under the mediation of Angola to find a definitive solution in terms of peace and security in the East of the DRC and in the Great Lakes sub-region.


Kinshasa accuses Kigali of supporting the M23 rebellion which occupies several localities in the province of North Kivu, in the east of the DRC, following a war it has been waging there for more than a year.


Kigali, in turn, accuses its neighbour of collaborating with the FDLR rebels who have taken refuge on its soil for more than a decade, in the aftermath of the Rwandan genocide.

According to some intellugence sources,the Rwanda gorvement is expected to give a list of FDLR  whom it expects resides in  DRC,and seen by many as a hard task.

Thursday, October 3, 2024

A motor boat capsizes in kivu,killing 2 and 1 missing.A boat leaving Bukwidja for Bukavu capsized in kivu killing 2 people,1 missing a


 This motor boat left Bukwidja for Bukavu at around 1 pm ,but it capsized killing 2 people,1 is missing and 17 have been rescued!!




....just wait,you will hear this news groups reporting about this.......

Is it true that 75% of M23 is made up of Rwandan soldiers?

I have been troubled by this claim for over a week...Is thus this the 450 who are claimed to have deserted and taken refuge to Uganda!! Is true that they are here in Uganda or just mere propaganda of the Western powers!


Listen and watch


SADC army officers already in Goma to assess the offensive against M23


Watch the video above

Tuesday, October 1, 2024

Who killed Fred Rwigyema?REST IN PEACE AFANDE FRED GISA RWIGYEMA



It has been nearly 34 years since Gen Fred Rwigema died in his mother-land before leading an exodus of Rwandan children who had been incarcerated in exile for over 30 years.

Fred Gisa Rwigema (10 April 1957 – 2 October 1990), born Emmanuel Gisa was a founding member and leader of the Rwandan Patriotic Front. Rwigema was born in Gitarama, in the south of Rwanda. Considered a Tutsi, in 1960 he and his family fled to Uganda and settled in a refugee camp in Nshungeezi, Ankole and later Kahungye in Tooro following the so-called Hutu Revolution of 1959 and the ouster of King Kigeri V.

After finishing high school still in his teenage years, it is said that he went to Tanzania and joined the Front for National Salvation (FRONASA), a rebel group headed by Yoweri Museveni the current President of Uganda, his brother Salim Saleh (Caleb Akandwanaho) was a close confidant and friend to Fred. It is due to his turbulent life as a child refugee, the love for his country and hate for injustice that led him to liberate African countries including his own.

It was at this point that he began calling himself Fred Rwigema. Later that year, he travelled to Mozambique and joined the FRELIMO rebels who were fighting for the liberation of Mozambique from Portugal’s colonial power. In 1979, he joined the Uganda National Liberation Army (UNLA), which together with the Tanzanian Armed Forces captured Kampala in April 1979 and ousted dictator Idi Amin.

Upon the liberation of Uganda and Idi Amin he was a member of the elite group that launched the National Resistance Army (NRA) with its leader Museveni, which fought a guerrilla war against the government of Milton Obote. After the NRA captured state power in 1986, Rwigema became the deputy Minister of Defence.

He was a regular on the front lines in northern Uganda during the new government’s offensive against remnants of the ousted regime disregarding his ministerial post. It is in these offensives that he was regarded as a god of war (mungu wa vita, Swahiri languge) by his highly motivated troops in the operational zones of Uganda.

He is still remembered as a father, husband, commander, brother, comrade to all soldiers he served with, and most of all a national hero to Uganda not only to his love of Express Villa Football Team but also a friend to many in that country.

Afande Fred was the best commander of all time in all of the countries he served. Afande Fred who was a Major General as a young man who always put his nation and people first. I am captivated to demonstrate how General Rwigema went the extra mile during his plan to return his people to their mother-land.

In preparation to his return to Rwanda, General Rwigema sought a unifying solution to all Rwandans not only his only for his own Tutsi ethnic group. It is demonstrated by the effort Rwigema used by including all Rwandans that had been harassed and exiled by the then dictatorial regimes. General Rwigema contacted among all Colonel Alexis Kanyarengwe and actually he became the chairman of the RPF while Gen Rwigema concentrated on armed wing which he maintained best soldiers.

Col Kanyarengwe knew the regime’s in-and-out and according to Rwigema he would bargain better with the government that they were about to invade.
We all believed that he would live forever because of the love we had for him. I was only twelve years old when I first heard of General Rwigema in Uganda because we grew up with the stigma of being non-citizens. When Fred emerged as a high ranking official in Uganda, he became a hero to all of us, the youth, and the only hope to the Promised Land which we had been denied by the dictators of the time.

He selflessly pulled everyone together in a very limited time, not only in Uganda but the whole diaspora and he did all this in combination with other commitments which involved maintaining security of Uganda, his own young family (God bless them) plus building his Rwandan Army inside a host Army (Uganda).

He did all this with great sensitivity and concern for the departure of his forces that would not shake the Ugandan forces. His aim was to return the Rwandese back home but also to make sure that Uganda stays strong and un-shaken due to the withdrawal of the Rwandese forces.

Afande Fred Rwigema the man who arranged, planned and managed to put in action what was a dream to all of us from childhood, was meaninglessly lost within a day of his return to the land he had left as an infant.

Who killed Gen Fred?

The answer to this question is ambiguous up to the present day and the vacuum still persists in the hearts of many Rwandans and Ugandans alike. A lot has been said but still not convincing to people like me, and many others. Yes I was not a soldier at the time when Afande Fred Rwigema died however, having spent most of my early age alongside my fellow brothers who were in the Forces back in Ugandan and then joined the army in Rwanda a little while after, I strongly believe that General Fred Rwigema’s death should have been explained differently or much clearer.

Before I outline my concerns in this curtain series let’s look at what the government said about Fred Rwigema’s death:

Stray bullet theory:

There are several theories about the abrupt death of the General, the most commonly adopted by President Paul Kagame’s government being the stray bullet scenario:

“It is widely spread on all media outlets including the recent YouTube clip claiming that General Fred Rwigema was shot by a stray bullet from the enemy APC (armored personnel carrier) or military Jeep.”
In this theory we see one of the bodyguards of General Fred Rwigema, Happy Ruvusha who holds the rank of Colonel at this present time explaining the death of his beloved commander.





However what is very disturbing is the fact that Happy Ruvusha claims to have buried Fred with the company of only 3 other soldiers. He mentions one Matungo and Nkubito who are all senior officers at that time but the fact is that all these three individuals were non-commissioned officer at the time, and this leaves one to wonder:

Why a military General would be buried by only 4 of his (NCO) non-commissioned officer bodyguards.

Upon the death of Fred Rwigema, the RPA had senior officers who were actively in combat until late of whom some still survive to the present day. Here one would mention Lt Col Adam Wasswa, Maj Chris Bunyenyezi, Maj Dr Bayingana, Maj Steven Ndugute, Maj Sam Kaka, Maj Kabura, Capt Dodo Twahirwa, Capt Bagire, Capt Ngoga, Capt Charles Muhire, Capt Kayitare who was Fred’s Aide at some point, Capt Kizza, Capt Bitamazire, Capt Gashugi, Capt Musitu, Capt Sam Byaruhanga, Capt Alphonse Furuma, Capt Mico and many more combat hardened commanders. Major Paul Kagame was not among the officers and men who started the war, as he had decided to go for a course in the US while his comrades prepared to wage a liberation war.

It is in the military norms that soldiers of the same ranks if not closer ranks bury their fallen comrade, therefore why leave him to be secretly buried by just his bodyguards.

Matungo, Nkubito and Happy Ruvusha were all NCOs at the time of their boss’s death, none of them would drive, and it is common knowledge that Fred’s Driver was Sgt Blackman who died in Kigali years later. However Happy Ruvusha makes no mention of this individual.

It makes no sense how people like Capt Kayitare, Emmanuel Kanamugire, Okwiri Rabwoni, Sgt Mtamani who used to drive Late Fred at times, Alex Rubamba Shumba and many more much senior soldiers might have missed out on their friend and boss’s burial however secretive it could have been


From left to right: Maj Gen Alexis Kagame, Amb Lt Gen Charles Kayonga, and Gen James Kabarebe while they were still on the front.



He mentioned that they had been driving his body in the vehicle after his death, having not decided where to get him buried. How honorable would that be to drive the top commander’s body around in a truck instead of getting him to rest in the rear of the combat zone when it is documented that Kagitumba was made a tactical sickbay and headquarters upon the initial RPA attack on 1st October 1990.

Why would Fred’s body be not taken back to Mbuya military morgue in Uganda as a norm to all fallen combatants in all operations no matter where, given the fact that Fred had not officially resigned from Uganda?

What would have been the motive of burying General Fred Rwigema in secrecy? It doesn’t make sense to me nor any sane minded country loving comrade or citizen.

Could Happy Ruvusha be covering something he knows well? This leaves me wonder. On the other hand however, I remember Happy Ruvusha very well, a person I worked alongside as Paul Kagame’s bodyguards. I remember he mourned General Fred Rwigema all the time and he seemed never contented of the loss of his boss due to the relationship Fred had with all his troops including Happy himself who was his Kadogo charged with his tent and meals.

The Bunyenyezi/ Bayingana theory:

The second version that caused trouble to the families of the RPA top commanders was the Major Peter Bayingana and Major Bunyenyezi theory. It is alleged that the two top commanders executed their boss over a power struggle. This theory further alleges that after his execution they were also killed by other soldiers in retaliation OR that General Salim Saleh came in himself and executed them.

This version drew much trouble not only to the families of the trio but also to Ugandan leadership especially Gen Saleh who was a close confidant since their high school times and a comrade of all battles they had both fought across Africa.

This version draws many more questions; since it was documented in the former government forces (FAR) Forces Armee Rwandaise in their monthly publication la victoire that Major Bunyenyezi and Bayingana were ambushed and killed in the Ryabega ambush and took the Artillery Pieces they were taking to reinforce Maj Sam Kaka who had sieged the enemy in Nyagatare. These Artillery pieces included a 14.5mm 4 barrel anti-aircraft gun and a 105mm Katyusha multi-rocket launcher. This incident does match with the confirmation that the duo was killed about 3 weeks after the initial attack. Their death would be heard later and be celebrated in Bikindi Simon’s heroic songs praising the bravely of the FAR.

Lt Kato Theory:

The investigations done by myself with the help of the fellow former RPA veteran women and men who were in the forces at the time, indicates that there is another version which has been kept a secret for so long. It is alleged that in the late 1980’s General Fred Rwigyema told Major Paul Kagame, the then Intelligence Officer who later ended up becoming the President of Rwanda after the death of almost every sensible officer in the RPA struggle, to select young men and women who would attend different leadership courses in preparation of the Rwanda offensive.

In the first graduation of the cadet officers selected by Major Kagame was Lt Kato who was sent to attend a special snipping course in South Korea and later Libyaacquiring very good sniping and Commando skills.

In the second Cadet intake to pass out just days before the invasion was 2nd Lts James Kabarebe, Kayonga Charles, Alex Kagame, Vincent Gatama, Tom Mphaka, Rose Kabuye and others. Paul Kagame knew James Kabarebe as he had been in Museveni’s bush war but had deserted due to not being able to cope with the situation. He would later come back to NRA after Museveni captured the country in 1986, which time he stayed until the attack of Rwanda.



Kayitare and Kazura at mulindi in ,1992



It is alleged that slightly before the attack on Rwanda General Fred Rwigyema had been selected to attend a military course in America by President Museveni of which he declined the offer due to his preparation but suggested to send Paul Kagame to the course due to his lack necessary strategy.

Before his departure, it is alleged that Kagame introduced Kato and James Kabarebe to Fred Rwigyema, he stated that James Kabarebe was a Political Science graduate from Makerere University and was going to make an excellent advisor on international relations issues, he also explained to him the importance of benefiting from Kato’s skills.

Rwigyema trusted Kagame from their childhood like any honest person would. A source from the RPA veterans goes on to explain that General Rwigyema owned a sniper gun he handed to Kato and joined the soldiers on his entourage. It was also the time when Kagame indicated the need for James Kabarebe to replace Emmanuel Kanamugire as the ADC to General Fred Rwigyema however Rwigyema objected and Kabarebe was left with no post.

Kagame left to America for training and afterwards the RPF/RPA attacked, it is alleged, that it was with the sniper gun that Rwigyema had handed to Kato which was used to shoot General Fred Rwigyema. It is alleged that Kato was seen coming from the hill and everyone was fighting to hide the death rather than finding the killer.

This Veteran explains that Kato was made close to Paul Kagame after his return from America and was subsequently deployed to join Kaitare’s Mobile Unit. It was James Kabarebe who informed Kato that he was being transferred and on his way and hence shot by Silas Udahemuka who is Kagame’s cousin blaming his death on an enemy ambush.

It is alleged that his execution was to hide the information regarding General Fred Rwigema death as the war was heading to an end during peace talks. Kato was a brother to Major Mupenzi who was injected with a poison just after we captured Kigali, Mupenzi was a very reliable man and a twin brother to Kato, and he had attended the same cadet course with Kato. He was killed to hide information like his brother.

After Kagame arrived from his unfinished course he was appointed by Museveni to take over from Afande Adam Wasswa who later died of an undefined death.

It is further alleged that after the execution of General Fred Rwigema by Lt Kato on Kagame’s orders, Kagame rushed in to deceive Museveni into believing that it was Bayingana and Bunyenyezi who had killed him therefore deceiving Museveni in revenging his friend.

It is therefore alleged that Museveni then ordered his brother and best friend to General Fred Rwigema, Gen Salim Saleh, to reorganise the RPA, and appointed Major Paul Kagame as the coordinator.

It is said that contradictions appeared in the high command of the RPF as to the advisability of launching the attack when peaceful prospects were clearly becoming plausible. General Rwigema was ready to accept Habyarimana’s welcoming hand if he ever did, while other members of the RPF Command favored a military solution and hence the extermination of their top leader.

This theory like the preceding ones raises disturbing questions:

* Given the number of General Fred Rwigema well trained combat hardened bodyguard, why would they spare Lt Kato the Sniper, after he shot their boss?What reason would Kato have had in executing a commander who was much loved by his own troops?

* How simple would it have been for General Saleh to cross into Rwanda, execute the two officers and walk back to Uganda untouched?

* Why is it that the bodies of Bunyenyezi and Bayingana have never been buried or recovered? Could it be because they were actually taken by their killers in the Ryabega ambush?

* Why has President Kagame never carried out a thorough investigation in the deaths of these commanders to clear our suspicion?

* Could he be hiding something by relying on the evidence of Happy Ruvusha who held the rank of Corporal at the time of Gen Rwigema’s death?

* Why is Gen Rwigema’s death and history fading away in thin air as we speak now while President Kagame assuming the heroism that he never deserved.If Paul Kagame was hero enough as he self-portrays, why did he decide to attend a course as the whole group was planning such an important move?

* It should be remembered that the original RPA hero’s day was first and foremost to commemorate the death of General Rwigema and other fallen heroes and hence the 1st of October of each year. Why has President Kagame changed this date to different dates?

* Why is General Fred Rwigema membered and respected in Uganda than Rwanda the country of his birth and subsequently his death?

On every 1st of October ,we will never stop remembering our hero Gen Fred Rwigema.
Either way the question remains as to who really killed our hero Gen Fred Rwigema!!

 

Monthly Counter-Terrorism Intelligence Review for East Africa (Kenya & Somalia) Shabaab Al-Mujahideen in Period of September 1st – September 30th, 2024: Tracking and Monitoring Al-Shabaab’s Activity in East Africa

 




 

Executive Summary

In September 2024, Al-Shabaab intensified its insurgency in both Somalia and Kenya, conducting numerous attacks primarily targeting military and security forces. Nearly 60 small to large scale attacks have been recorded for the month under  review. The frequency and intensity of these operations highlight a renewed focus on destabilizing security efforts and demonstrating the group’s operational capabilities.

 

The majority of these attacks involved the use of improvised explosive devices (IEDs), suicide bombings, and direct assaults on military bases and ambushes on security checkpoints as well on military convoys. Al-Shabaab’s tactics predominantly centered on guerrilla warfare, utilizing hit-and-run attacks, artillery shelling, and ambushes to maximize damage while minimizing their own exposure to counterattacks.

 

IEDs and vehicle-borne IEDs (VBIEDs) were common, often targeting military convoys, police stations, and high-value assets such as airports and government facilities. The group also effectively used artillery fire, particularly in Lower Shabelle, Gedo, and Bay regions. These attacks primarily focused on weakening military morale and undermining government control.

 

Somalia’s regions like Mogadishu, Lower Juba, Lower Shabelle, Middle Shabelle, Bay, Gedo, and the borders of Mandera, Kenya NEP, saw repeat incidents, indicating a focus on contested zones where government and African Union forces are more vulnerable. The group’s ability to exploit gaps in security and launch attacks on bases, checkpoints, and supply routes indicates the need for enhanced intelligence operations and coordination among regional forces.

 

To thwart future attacks, security assets must prioritize rapid intelligence gathering and counter-IED operations. Reinforcing key installations with counter-mortar systems, increasing air surveillance, and improving the capacity for rapid response will be crucial. Strengthening cooperation between regional forces, especially in border areas, is imperative to deny Al-Shabaab the freedom to maneuver and plan further incursions.

 

 




Terrorism Events:

September 1st – September 30th.

  1. September 29, 2024: An explosion operation by Al-Shabaab al-Mujahideen targeted government troops in Bardale district, southern Bay region, Somalia. Three soldiers were killed.
  2. September 29, 2024: Al-Shabaab claimed responsibility for a direct attack on SNA troops near Geedow Noor, on the outskirts of Jowhar, the capital of Middle Shabelle region, Somalia.
  3. September 29, 2024: Al-Shabaab forces attacked a Somali police station in Marka, Lower Shabelle region. Casualties were reported.
  4. September 28, 2024: Al-Shabaab al-Mujahideen forces shelled an SNA camp in El-Waq district, Gedo region. No casualty details were provided.
  5. September 28, 2024: In Dhobley, Lower Juba, an Al-Shabaab explosion targeted an SNA checkpoint, killing one soldier and injuring another.
  6. September 28, 2024: An explosion claimed by Al-Shabaab in Jowhar, Middle Shabelle, killed one soldier and injured three others.
  7. September 27, 2024: Al-Shabaab forces conducted a suicide bombing and gunfire attack on an SNA checkpoint in the Ali Godey area of Dharkenley district, killing three soldiers and looting small arms, including an AK-47.
  8. September 27, 2024: Al-Shabaab claimed responsibility for an artillery attack on an ATMIS camp in Bulo-Mareer district, Lower Shabelle.
  9. September 27, 2024: Al-Shabaab ambushed Somali troops on patrol near No/50 area, Lower Shabelle.
  10. September 27, 2024: Al-Shabaab targeted ATMIS assets at Kismayo Airport with artillery fire. No casualties were reported.
  11. September 27, 2024: Al-Shabaab claimed a direct probe on Kenyan assets in Dhamase, Mandera, Kenya. No casualties were reported.
  12. September 26, 2024: Al-Shabaab carried out an explosion in Afgoye, Lower Shabelle, killing two SNA soldiers and injuring eight others.
  13. September 26, 2024: Al-Shabaab targeted a JSF military convoy near Kismayo, Lower Juba.
  14. September 26, 2024: Al-Shabaab attacked an ATMIS-Ugandan military base in Shalambood area, Lower Shabelle, killing three soldiers and critically injuring two others.
  15. September 26, 2024: In Bay region, Al-Shabaab launched a heavy attack on an SNA camp in Eel-Mashrouq, Qansaxdhere district.
  16. September 25, 2024: Al-Shabaab forces attacked an SNA camp in the Ilbaq area, central Somalia.
  17. September 25, 2024: Al-Shabaab ambushed SNA troops in Oodweyne neighborhood, Dayniile district, Mogadishu.
  18. September 24, 2024: An Al-Shabaab explosion targeted a Somali security checkpoint in Bula-Mareer, Lower Shabelle.
  19. September 24, 2024: Al-Shabaab claimed an IED attack on SNA troops near Barire, Lower Shabelle. Casualties were unknown.
  20. September 24, 2024: In Beledweyne, Hiran, an Al-Shabaab attack on an SNA checkpoint injured one soldier.
  21. September 23, 2024: Al-Shabaab attacked the base of Riddada troops in Janay Abdalle, near Kismayo. Officers and soldiers were killed.
  22. September 23, 2024: In Galgaduud, an explosion by Al-Shabaab burned an Abdibile vehicle, injuring three Riddada troops.
  23. September 23, 2024: Al-Shabaab claimed an IED attack at Halane Military Base, hitting UN headquarters and the British Embassy in Mogadishu.
  24. September 22, 2024: Al-Shabaab attacked a convoy of ATMIS troops traveling between Danow and Golweyn, Lower Shabelle.
  25. September 21, 2024: Al-Shabaab launched a heavy attack on an SNA base in Bardhere district, Gedo region. Casualties were reported.
  26. September 20, 2024: Al-Shabaab raided two Somali military bases in Bulobarde and Hudur, Hiran and Bakool regions.
  27. September 20, 2024: Al-Shabaab targeted Somali military bases in Bariri and El-Barde with IEDs, Afgoye and Bakool regions.
  28. September 20, 2024: Al-Shabaab ambushed a Somali military base in Qansahdhere, killing six soldiers and injuring four.
  29. September 19, 2024: Al-Shabaab targeted government troops near Eel-Shalle, Mogadishu, killing at least three soldiers and capturing one.
  30. September 18, 2024: Al-Shabaab executed two SNA soldiers in a public square in Bulo-Fulay district, Bay region.
  31. September 17, 2024: Al-Shabaab assassinated a government officer in Bakara market, Mogadishu, and looted his weapon.
  32. September 17, 2024: Al-Shabaab launched an attack on an SNA base in Qansaxdhere, Bay region, taking control of El-Mashrouq camp.
  33. September 16, 2024: Al-Shabaab targeted a Kenyan convoy in Lamu region, injuring several people in an IED explosion.
  34. September 15, 2024: Al-Shabaab launched artillery attacks on military bases in Hiilweyne and Ilbaq, Middle Shabelle.
  35. September 15, 2024: An IED attack targeted a Somali checkpoint in Beledweyne, Hiran, causing casualties.
  36. September 15, 2024: A Somali forces member who survived an Al-Shabaab attack in Osoni surrendered in Taakulo, Bakool.
  37. September 15, 2024: Al-Shabaab shelled Halane Military Base, Mogadishu, causing casualties.
  38. September 15, 2024: Al-Shabaab shelled a Somali military base in Al-Baq, Balaad, Mogadishu.
  39. September 13, 2024: Al-Shabaab killed two Somali soldiers and injured two others in an ambush in Hanai Abdi, Kismayo, Lower Juba.
  40. September 11, 2024: Al-Shabaab launched a direct attack on an SNA base in Bulo Haji, near Kismayo, Lower Juba.
  41. September 10, 2024: An Al-Shabaab explosion targeted government troops near Dinsoor, Bay region.
  42. September 9, 2024: An Al-Shabaab roadside explosion in Hudur district, Bakool, targeted ATMIS-Ethiopian troops and SNA soldiers.
  43. September 8, 2024: Al-Shabaab attacked various bases across central and southern Somalia, including an Ethiopian troop camp in Halgan, Hiran region.
  44. September 8, 2024: Al-Shabaab attacked a US-operated base in Balli-Doogle, Lower Shabelle, reporting casualties among ATMIS troops.
  45. September 7, 2024: Several Al-Shabaab mortar shells struck multiple districts of Mogadishu, alarming residents. Two hit Hamarweyne, one impacted Yaaqshid, and two more struck the animal market in Heliwa.
  46. September 7, 2024: A bomb attack by Al-Shabaab in Lower Shabelle targeted a convoy of African Union troops, specifically Ugandan forces, near the Number 50 area.
  47. September 7, 2024: In Afgoye, Lower Shabelle, Al-Shabaab forces killed Mohamed Deeq Ibrahim Abdi, also known as “Bakeylow,” an undercover soldier working with intelligence services.
  48. September 6, 2024: Al-Shabaab targeted Mogadishu’s largest international military base, Halane, with an improvised explosive device (IED).
  49. September 6, 2024: Al-Shabaab launched a mortar attack on the base of Somali Federal Government (SFG) and Jubbaland forces in Ceelwaaq, Gedo region.
  50. September 5, 2024: Several mortar shells targeted Balidogle Airport, which houses American troop trainers and the Bangaraaf forces, with Al-Shabaab claiming responsibility.
  51. September 5, 2024: In the Saakow district of Middle Jubba, the Mujahideen executed captured Somali soldiers in a public square under Islamic court orders.
  52. September 5, 2024: A civilian was injured in Mogadishu’s Wadajir district after a mortar hit their home. Al-Shabaab claimed responsibility for the shelling.
  53. September 4, 2024: A planned Al-Shabaab operation in Baardheere, Gedo region, resulted in the assassination of a Somali National Army (SNA) soldier and the seizing of his weapon.
  54. September 3, 2024: An Al-Shabaab ambush targeted Ugandan forces transporting supplies near Jiiro Gaaljecel, Lower Shabelle, resulting in reported injuries.
  55. September 3, 2024: Al-Shabaab claimed coordinated attacks on the ATMIS-Ugandan Forward Operating Base (FOB) in Qoryooley and on SNA troops near Waajid, seizing military equipment.
  56. September 2, 2024: Al-Shabaab militants attacked SNA troops stationed at Buulo-xaaji bridge near Kismayo, killing two soldiers and injuring six others.
  57. September 2, 2024: An Al-Shabaab ambush on an ATMIS-Ethiopian military base in Baydhabo resulted in six Ethiopian soldiers killed and two injured.
  58. September 1, 2024: Al-Shabaab launched an attack on Somali government troops at Iidow-Dhigaal, Baydhabo, injuring one soldier.
  59. September 1, 2024: Al-Shabaab militants launched a coordinated attack on Ugandan forces stationed at Baraawe district airport, with no casualties reported.

 

 

Analysis, Observation & Insights

 

The recorded terrorist events for the month of September demonstrate a surge in Al-Shabaab’s attacks across Somalia and parts of Kenya. The group’s operational tempo remains high, with consistent strikes targeting both government and international military forces, such as Somali National Army (SNA) and ATMIS forces. Their attacks have also extended to regional military assets, including Ugandan and Ethiopian troops. This pattern highlights Al-Shabaab’s sustained capacity to engage in asymmetric warfare, often targeting security infrastructure to destabilize the region.

 

Al-Shabaab’s favored attack types involve a mixture of direct assaults, bombings, and ambushes. These operations are regularly executed with precision using improvised explosive devices (IEDs), mortars, and small arms fire. The group is increasingly employing IEDs in high-traffic military areas, checkpoints, and convoys, underlining their preference for low-cost, high-impact operations that result in significant casualties and infrastructure damage. This shows Al-Shabaab’s reliance on explosives to disrupt military movements and diminish the morale of both domestic and foreign forces.

 

Mortar and artillery strikes have also been a common tactic, targeting high-value locations such as military bases and airports. This includes coordinated mortar attacks on bases like the ATMIS-Ugandan Forward Operating Base in Qoryooley and Kismayo Airport. These indirect fire tactics indicate Al-Shabaab’s continued ability to maintain an offensive stance while minimizing direct confrontation, particularly against fortified or better-equipped units, such as ATMIS contingents.

 

Geographically, Al-Shabaab’s attacks concentrate in the southern and central regions of Somalia, with recurrent incidents in Lower Shabelle, Gedo, Bay, and Jubaland. Towns like Kismayo, Jowhar, and Mogadishu remain frequent targets, underscoring their strategic importance for control over supply routes and urban centers. The attacks on Kenyan troops in Lamu and Mandera counties, while fewer, indicate Al-Shabaab’s intent to expand operations across borders and challenge Kenyan security forces.

 

To counter Al-Shabaab’s growing threat, security forces must prioritize bolstering defensive capabilities in areas with repeat attacks, focusing on intelligence gathering to anticipate IED placements and ambushes. Enhanced perimeter defense around military bases, checkpoints, and supply convoys is crucial, along with rapid response units to contain indirect fire incidents. International forces, including ATMIS, should further coordinate with local authorities to disrupt Al-Shabaab’s logistical networks and neutralize its capabilities.


conclusion

 

In conclusion, the pattern of attacks suggests that Al-Shabaab will continue to engage in hit-and-run tactics while exploiting vulnerabilities in military infrastructure. The forecast for the coming months points to continued IED and mortar attacks, with the group likely to focus on high-profile targets to draw attention to their cause and erode the region’s security. Security forces must adapt to these evolving threats by enhancing counter-IED capabilities and improving coordination across sectors.



..........................................................................................................................................................................................




Regards to S.Y.A

General pacifique Masunzu puts up a decision to totally close Goma-Rutshuru road

  The Congolese army orders the total closure of the Goma-Rutshuru road. No access is authorized, neither entry nor exit. According to milit...