The Summit of Heads of State of the DRC, Rwanda, Burundi, Uganda and Angola opens this Sunday, September 20 in Goma.

The Summit of Heads of State of the DRC, Rwanda, Burundi, Uganda and Angola opens this Sunday, September 20 in Goma, capital of North Kivu province. Before this meeting, experts from five countries will start starting this Friday, September 18, the work to prepare for this big meeting.

These experts will prepare the documents in relation to the items on the agenda of work, in this case peace and security in the region, political and diplomatic relations between these States and the revival of economic activities in the context of fighting against the covid-19.

Ministers, on their part, will scrutinize the report of these experts. As for the DRC, the Deputy Pemier Minister of the Interior, the Minister of State in charge of Foreign Affairs, his colleague for International and Regional Cooperation, the Minister of National Defence and the Minister of Foreign Trade have already formed the elements of the files on the position of the Democratic Republic of Congo.

Unclear presence of Burundi

If the Heads of State of Rwanda, Uganda and Angola are almost certain. It is not yet clear whether Burundi President Evariste Ndayishimiye will be present or represented. In recent days, a document from the Burundian Ministry of Foreign Affairs suggested a bilateral meeting between the Democratic Republic of Congo and Burundi to be agreed through diplomatic channels.

This high-level meeting, which will take place one-on-one and not by videoconference, will take place in strict respect of barrier gestures. Each participating country has already submitted its protocol to prevent the spread of the disease.

CISA believes Chinese state-sponsored hackers are targeting critical cyberinfrastructure in the US and other countries by exploiting unpatched vulnerabilities in VPNs and Microsoft exchange servers

 

The US Cybersecurity and Infrastructure Security Agency issued an advisory on Monday to inform the federal government and private sector entities about a new wave of cyberattacks against targeted against them by Chinese state sponsored hackers.

The advisory also emphasized the need to patch flaws in several critical software and devices, including F5 BIG-IP devices, Pulse Secure VPNs, Citrix VPN, and Microsoft Exchange servers.

The advisory should not come as a surprise because:

1: Hackers leaked highly sensitive data of pulse secure VPN accounts a hacker forum last month.

2: Hackers were found exploiting a critical vulnerability in Microsoft exchange servers in March 2020.

3: Citrix VPN suffered a security data breach in 2019 in which 6TB of data from the enterprise software developer was stolen – An easy way for hackers to exploit flaws.

The US government revealed that Chinese threat actors had targeted many public and private sector entities in the past few months by compromising vulnerabilities in the programs mentioned above. Victims were identified via sources like Shodan and the National Vulnerabilities Database .

The agency stated that threat actors affiliated with the Chinese Ministry of State Security are using “commercially available information sources and open-source exploitation tools to target US Government agency networks.”They quickly exploit a publicly disclosed vulnerability to launch attacks against vulnerable targets to fulfill their nefarious motives.

Although patches for all these flaws are already available, organizations haven’t yet upgraded their systems. This is why they are vulnerable to targeted hack attacks.

Both CISA and the FBI urge organizations to audit their patch management programs and configurations regularly to timely detect and mitigate threats. Organizations in both the public and private sectors must implement a “rigorous configuration and patch management program” to deter the sophisticated Chinese threat actors.

CISA revealed that hackers from China are exploiting two common vulnerabilities to attack federal and private sector organizations. The first vulnerability is present in F5’s Big-IP Traffic Management User Interface.

The other is an arbitrary file reading vulnerability in Pulse Secure VPN appliances, which caused the Travelex breach earlier in 2020. Around 8,000 F5 Network’s BIG IP networking devices users were identified as vulnerable to this flaw by July 2020.

“Although Pulse Secure released patches for CVE-2019-11510 in April 2019, CISA observed incidents where compromised Active Directory credentials were used months after the victim organization patched their VPN appliance,” CISA noted.

Moreover, hackers are hunting for Citrix VPN Appliances that are vulnerable.. This flaw allows attackers to execute directory traversal attacks. Attackers are also exploiting Microsoft Exchange server remote code execution flaw that lets them collect emails from targeted networks.

CISA also pointed out common TTP that threat actors are currently using, including the cobalt strike commercial penetration testing tool that attackers use for attacking federal government and commercial networks. Threat actors are also deploying the China Chopper open-source tool effectively against organization networks. They are also using  Mimikatz open-source tool.

CISA further noted that hackers are using malicious links in spearphishing emails, exploiting public-facing apps. In one case, they scanned a federal government agency for vulnerable web servers and vulnerabilities in network appliances (CVE-2019-11510). They are conducting reconnaissance of the federal government’s internet-facing systems shortly after the “significant CVEs” disclosure.

Therefore, CISA asserts that federal and private sector organizations must employ a rigorous patching cycle to initiate flawless defense against these threat actors. If critical flaws aren’t patched, attackers can successfully launch attacks without developing custom malware or exploits. They can easily use previously unknown flaws to compromise a network and legit websites to gain initial access.

“Cyber threat actors also continue to identify large repositories of credentials that are available on the internet to enable brute-force attacks. While this sort of activity is not a direct result of the exploitation of emergent vulnerabilities, it demonstrates that cyber threat actors can effectively use available open-source information to accomplish their goals.”

FARDC chief of staff general Mbala Celestine is in Beni for a command inspection mission and inquiry on the operations against rebels groups including ADF

Army General Célestin Mbala, through military sources, says he is carrying out a command inspection mission in eastern and northeastern DRC. This is in particular to inquire about the evolution of the so-called "large-scale" operations launched at the end of November 2019 against armed groups, including the rebels of the Allied Democratic Forces (ADF).

Last Monday, the FARDC Chief of General Staff, during a press briefing in Bunia (Ituri), banned armed groups that have joined the peace process from circulating with weapons and military clothing.

The Chief of Staff of the Armed Forces of the DRC, Army General Célestin Mbala has been in Beni, a town in eastern DRC, since Wednesday, September 17, 2020,he installed a new Commander of the 3rd military zone.

 

According to military sources quoted by local media, Army General Célestin Mbala is on a mission to inspect and assess military operations against ADF rebels in the region.

This arrives in Beni while the population is already expressing its fed up with the persistence of insecurity, especially the killings of civilians perpetrated by the ADF.

On Wednesday, some residents of Beni signed a deed of engagement to fight the ADF. These residents were supported by Lucha activists and staged a peaceful protest outside the town hall to obtain the mayor's permission to go and fight the ADF rebels.

Interim Mayor Bakwanamaha Modeste said it is not for him to prohibit or allow such an initiative but rather for the military. He called on protesters not to disrupt army operations against the rebellion in the region.

Celestin Mbala is returning from the town of Bunia where he had been staying since September 11 for an official mission.

In Ituri province, he promised to do everything in his power to restore peace to the people of Ituri province (northeast of DR Congo).

He proceeded with the installation of the new commander of the 3rd defense zone.

This working visit was part of the materialization of the options raised by the Supreme Defense Council chaired by the Head of State, Félix Antoine Tshisekedi last September 7, concerning the "problematic of armed groups in the East from the country ".

The President of the Republic had given new instructions to the officials of the FARDC, the PNC and the intelligence services in his capacity as supreme commander of the Armed Forces of the Democratic Republic of the Congo and the Congolese National Police.

Monusco will close its Kindu office this Friday

The United Nations Mission for the Stabilization of Congo (Monusco) is already announcing the closure of its office in Kindu (Maniema) this Friday, 18 September 2020 in accordance with its new budget, and as required by the Security Council.

The confirmation is from the head of office of Monusco South Kivu / Maniema, Wednesday, September 16, 2020, to the press after a hearing given to him by the interim Governor of the province.

According to Karna Soro, the closure of this Kindu office is part of the downsizing of this peacekeeping mission in the DRC, announced a few days ago by the United Nations Secretary-General in the DRC.

He justifies this decision because there are no armed groups in 95 % of Maniema province. But he reassures that despite the permanent closure of the said office which will take place on Friday, September 18, 2020, Monusco will continue to work in that province.

This announcement of the closure of the Monusco office in Kindu has worried some people who fear the rise of insecurity in this province by armed groups.

Angola and DRC sign three agreements on security and movements of people

Three agreements were signed between the Congolese and Angolan authorities to sanction the end of the bilateral defense and security meeting between the Republic of Angola and the Democratic Republic of Congo held since September 14th.

After three days of exchange in Luanda, from 14 to 16 September, the ten governors of the boundaries between the DRC and Angola reached an agreement on the security issue at the border, the constitution a bilateral permanent commission of governors of the surrounding provinces and management of the impact of Covid-19.

With particular regard to the security issue, governors agree to support a new era of active collaboration between the parties, to diligent the implementation of the legal instruments necessary for the realization of collaboration between the parties, to encourage their respective states To identify the border population with a view to monitoring and facilitating the flow, to authorize and harmonize the cost of local crossing taxes at border crossing crossing crossing to facilitate the movement of people and goods and to discourage fraud.

They are also committed to establishing border crossings and markets to facilitate trade and to support the establishment of respective consular missions in border provinces.

In addition to defence and security issues, these provincial authorities have supported the idea of the establishment of a bilateral standing committee of governors in the surrounding provinces. Commission which should meet alternatively in each country.

The Congolese side was represented by governors Dieudonné Pieme Tutokot (Kasai), Ambroise Kamukuny (Central Kasai), Atou Matubuana (Kongo central), Leopold Kangulumba (Kwango), Madame Fifi Masuka Saini, Vice-Governor of Lualaba.

Angolan side was represented by Dr. Miguel dos Santos de Oliveira, Deputy Governor of Cabinda Province, Dr. Ernesto Muangala, Governor of Lunda Norte, Victor da Silva de Oliveira, Deputy Governor of Moxico Province, Sérgio Lúther Rescova Joaquim, Governor of Uíge and Mr. Pedro Makita Arnaldo Júlia from Zaire province.

According to the press of the Kasaï-Central governorate which delivers the information, this is an agreement on defense and security, the movement of people and their goods along the common border and a memorandum of intent on the creation of the permanent joint defense and security commission between the two countries.

The said meeting, moderated by the Secretary of State for the Interior of the Republic of Angola, José Bamóquina Zau, assisted by the Head of the Department of Central and West Africa, Campos Viera Campos, mainly focused on 3 main topics whose :

- Strengthening border security for both parties;

- The establishment of a permanent bilateral commission of provincial governors;

- And managing the impact of covid-19 and pooling resources to eradicate it.

The Republic of Angola was represented by the Vice-Governor in charge of Economic and Social Policy of Cabinda, the Governor of the Province of Lunda Norte, the Vice-Governor of Economic and Social Policy of the Province of Moxico, as well as the governor of the province of Zaire.

And for the Congolese part, the governor of the province of Kasaï, the governor of the province of Kasaï-Central, the governor of the province of Kongo-Central, the governor of the province of Kwango, as well as the vice-governor of the province of Lualaba.

A new armed group in North Kivu named′′ Coalition des movements pour la change du Congo ′′ (CMC)

 A new armed group called ′′ Coalition des movements pour la change du Congo ′′ (CMC) is born in the territory of Rutshuru in North Kivu. Fighters who have been settled for 3 weeks some 4 km from Rutshuru-centre, these militias impose illegal taxes.

There continues acts militants' attacks in North Kivu,last night  A delegation from the NGO WORLD VISION was attacked this Wednesday night between the localities of LUOFU and KASIKI south of the territory of LUBERO.

1 dead by bullet, 1 injured, 2 people kidnapped.

This delegate just fell into an ambush tense by men not otherwise identified.

MPP AISÉ KANENDU urgently requests that Commander FARDC who controls this area be able to explain himself to his hierarchy on this unprecedented fact.

Between LUOFU and KASIKI 5 km a way, and this area is under the control of FARDC, this army which is a refuge for all criminals and warlords.

The injured is already in KAYNA for care.