Fact-checked by Grok 2 weeks ago

Information Network Security Agency

The Information Network Security Agency (INSA) is Ethiopia's national and cybersecurity authority, established pursuant to Regulation No. 130/2006 to protect the country's information infrastructure, coordinate cyber defense, and advance national cyber capabilities. Headquartered in , INSA operates under direct governmental oversight and encompasses responsibilities ranging from threat detection and response to the development of indigenous cyber tools and personnel training programs. Its mandate includes safeguarding critical sectors against foreign cyber incursions while fostering Ethiopia's digital sovereignty through initiatives like Ethio-CERT, launched in 2012 for incident response. INSA has demonstrated defensive prowess by thwarting thousands of threats annually, including over 8,800 attempted attacks documented in a 2024 report, reflecting its role in maintaining operational continuity amid rising global risks. The agency has expanded efforts to cultivate domestic expertise, recruiting and training professionals to reduce reliance on external technologies and enhance self-reliant security postures. However, INSA's functions have drawn scrutiny for enabling pervasive telecom and surveillance, with evidence indicating deployment of systems to track dissidents, journalists, and opposition figures, often in with foreign partners like the U.S. . Reports from independent investigators have highlighted the use of commercial against media personnel, underscoring tensions between imperatives and in Ethiopia's tightly controlled information environment.

History

Establishment and Initial Mandate

The Information Network Security Agency (INSA) was initially established in 1999 pursuant to Regulation No. 130/1999, with the primary aim of enhancing Ethiopia's capacity to secure its networks against emerging digital threats. This founding responded to the increasing reliance on technologies for national governance and economy, seeking to position as a regional leader in by building defensive capabilities. INSA was re-established as an autonomous federal agency under Proclamation No. 808/2013, enacted on January 2, 2014, and published in the Federal Negarit Gazette. The proclamation defined its core mandate as ensuring the security of Ethiopia's information systems and computer-based critical infrastructures, including protection against cyber intrusions, electromagnetic threats, and disruptions that could undermine national stability. This legal basis empowered INSA to formulate national security policies, standards, and strategies, emphasizing sovereignty over domestic data flows and proactive defense measures. Key initial objectives included conducting vulnerability assessments, implementing intrusion detection protocols, and regulating encryption technologies to prevent unauthorized access by foreign actors or internal risks. The agency was tasked with establishing a national computer emergency response team to coordinate responses to incidents, alongside forensic investigations to attribute and mitigate attacks. These functions were justified by the causal imperative to maintain control in an era of asymmetric information warfare, where empirical evidence of global cyber vulnerabilities underscored the need for centralized oversight of Ethiopia's digital infrastructure.

Evolution Amid Cyber Threats

INSA's foundational mandate in 2006, enacted via Regulation No. 130/2006, prioritized the defense of Ethiopia's emerging national information networks against rudimentary cyber risks, coinciding with the country's initial infrastructure buildup. This early focus addressed vulnerabilities in and systems as expanded, with Ethiopia's users growing from negligible levels in the early to over 4 million by 2010. By the early 2010s, global cyber operations—such as state-sponsored disruptions targeting —underscored the need for to treat as a contested domain akin to traditional battlefields, prompting INSA's restructuring under Proclamation No. 808/2013. This re-establishment as an autonomous federal agency broadened its authority to encompass , threat detection, and response coordination, enabling a shift from passive monitoring to integrated national cyber defense. The policy evolution emphasized causal links between cyber intrusions and geopolitical tensions, particularly regional rivalries over resources like the , where foreign actors sought leverage through digital means. INSA's mid-2010s adaptations included in intrusion detection and , reflecting empirical rises in frequency tied to Ethiopia's growth. Annual cyber incidents climbed into the hundreds by decade's end, often involving and disruption attempts on government and financial sectors, which INSA countered through enhanced technical protocols and inter-agency collaboration. This progression toward hybrid capabilities—balancing defense with intelligence-driven preemption—allowed INSA to neutralize coordinated threats, as demonstrated by its 2019 interception of a large-scale campaign aimed at economic destabilization, preventing widespread damage via rapid network isolation. Such responses were grounded in verifiable logs, underscoring INSA's pivot to resilient architectures amid persistent state-linked probing.

Post-2019 Developments

In the years following 2019, the Information Network Security Agency (INSA) intensified its cyber defense measures amid rising attack volumes, reporting a surge from 791 major incidents in the prior period to enhanced prevention capabilities that thwarted thousands of attempts annually. By the Ethiopian fiscal year 2021/22, INSA had blocked 5,856 cyber-attacks over nine months, including those targeting national infrastructure during periods of domestic unrest such as the 2022 protests and Tigray conflict. These efforts included rapid response to coordinated attacks on approximately 37,000 computers, preventing disruptions to the National Information Network (NIN) and contributing to stability by mitigating potential foreign-backed digital interference, though independent verification of attacker origins remains limited. Reforms emphasized technological upgrades, including revisions to the Critical Mass Cyber Security Requirement Standard in response to evolving threats and implementation gaps, with a focus on strengthening protocols and integrating advanced detection systems. INSA conducted investigations into vulnerabilities, issuing rulings on October 28, 2023, against providers failing cybersecurity standards, and reported preventing breaches affecting sensitive sectors. Collaborations with entities like the Ethiopian Institute under the Digital Ethiopia 2025 Strategy supported nascent AI applications for threat monitoring, alongside mandates for security clearances on tech imports to bolster domestic and reduce reliance on vulnerable foreign systems. From 2023 to 2025, INSA's operations yielded measurable outcomes, including the deflection of 4,422 attacks in 2022/23 (with 4,272 successfully neutralized) and 8,854 attempts in 2023/24, averting an estimated 22.5 billion Ethiopian birr in damages during the latter year. These advancements aligned with pushes for digital sovereignty, such as promoting indigenous applications like Ergamail for government use and expanding cyber talent programs to counter external pressures, including U.S. sanctions tied to the Tigray conflict that indirectly strained tech access. INSA's accession to the Digital Public Goods Alliance facilitated selective international tech exchanges, prioritizing non-Western-aligned capacity building to circumvent sanction-related import hurdles while maintaining operational independence. This period saw a reported decline in successful foreign influence operations, evidenced by the high interception rates, though state-reported figures warrant cross-verification against potential underreporting of persistent threats.

Organizational Structure

Leadership

Tigist Hamid has served as of the Information Network Security Agency since her appointment by Prime Minister on February 8, 2024, succeeding Solomon Soka. Prior to this role, Hamid held the position of Deputy Director General at INSA, accumulating experience in cybersecurity administration, including IT training and oversight of initiatives. Her tenure marks the first female leadership of the agency, amid a broader addressing challenges. The is supported by deputy directors, including Daniel Guta, who heads the Information Warfare and Sector, focusing on signals intelligence capabilities essential to INSA's mandate. This structure ensures specialized oversight in cyber defense and network protection, drawing on personnel with backgrounds in intelligence and technical security domains. Leadership appointments emphasize continuity through internal promotions, fostering expertise in countering evolving digital threats. INSA operates under the direct authority of the Prime Minister's Office, facilitating streamlined decision-making and rapid mobilization for national cyber incidents. This reporting line centralizes control, aligning agency operations with executive priorities in and . Notable transitions, such as Shumete Gizaw's appointment in February 2020 from the Prime Minister's chief of staff role, reflect strategic reinforcements during periods of institutional reform.

Key Divisions and Subunits

The Information Network Security Agency (INSA) organizes its operations through specialized functional divisions, including units dedicated to , protocol development and management, and digital forensic . The threat intelligence division focuses on monitoring and assessing cyber risks to national infrastructure, drawing on capabilities to identify vulnerabilities and adversary activities. Protocol management subunits establish and enforce standards for secure networks, ensuring compliance across and critical sectors. Forensic teams handle post-incident investigations, recovering and attributing attacks to maintain evidentiary integrity in cybersecurity responses. INSA collaborates extensively with the (NISS), integrating cyber domain insights with traditional intelligence to address hybrid threats that blend digital intrusions with physical security challenges, such as state-sponsored hacking combined with insurgent operations. This partnership enhances coordinated defenses against multifaceted risks, including foreign influence campaigns targeting Ethiopia's stability. In terms of scale, INSA employs an estimated 1,001 to 5,000 personnel, supporting its through a trained in advanced cybersecurity and disciplines, though exact figures remain classified. Resources include dedicated facilities for and operations, bolstered by partnerships for acquisition and .

Mandate and Objectives

Cyber Defense Responsibilities

The Information Network Security Agency (INSA) maintains Ethiopia's primary defensive posture against cyber threats targeting the national information infrastructure, including protocols for , exploit blocking, and real-time threat neutralization. Established under No. 808/2013, INSA implements mandatory cybersecurity standards, such as the Critical Mass Cyber Security Requirement Standard version 2.0, which mandates organizations to adopt frameworks, access controls, and incident detection systems to safeguard critical sectors like and . INSA's operations emphasize and resilience for essential networks, responding to escalating threats documented in regional assessments, including over 107 DDoS incidents in the second half of 2024 alone. The agency deploys indigenous tools and capacity-building initiatives to enhance , contributing to Ethiopia's second-place ranking in for and DDoS protection as of late 2023. Empirical outcomes underscore INSA's effectiveness, with the agency thwarting over 96% of detected cyber-attack attempts against key institutions in recent fiscal periods, including more than 3,400 incidents mitigated in a six-month span ending in 2023. These defenses have averted financial losses exceeding 22.5 billion Ethiopian birr in one fiscal year through proactive blocking of ransomware, phishing, and intrusion vectors. Such measures align with Ethiopia's emphasis on digital sovereignty, fostering self-reliant capabilities amid global supply chain vulnerabilities and limited external partnerships.

National Information Network Protection

INSA safeguards Ethiopia's (NIN), a domestic architecture supporting and critical connectivity, by enforcing content filtering to preempt the dissemination of illegal materials, including child exploitation imagery and content posing risks to public order or , as authorized under the Computer . This filtering operates at network gateways to block access proactively, addressing causal vulnerabilities such as propagation and foreign influence operations via unvetted global platforms. Domestic routing protocols within the NIN minimize data exfiltration risks by channeling traffic through localized pathways and mandating the use of indigenous applications, such as Ergamail for secure email, Serkuni for internal collaboration, and Debo for data sharing, which INSA began deploying across government entities in July 2025 to supplant foreign tools like Gmail and Microsoft Teams. These measures counter strategic threats from overseas providers, where data localization failures have enabled espionage, as evidenced by global incidents of platform exploitation. To diminish reliance on external hardware and cloud services, INSA oversees investments in sovereign , including a planned Tier III national announced in September 2020 for secure storage of government and citizen data, complemented by the September 2024 inauguration of a National for certificate issuance and encrypted transmissions. While specific NIN uptime metrics remain undisclosed, INSA's broader defenses thwarted 8,854 cyber-attack attempts in the year leading to October 2024, underscoring efficacy in maintaining network resilience amid rising threats. This fortification prioritizes causal security gains—such as preserved and alignment with local ethical norms through restricted exposure to unfiltered foreign content—over unrestricted global access, which fosters cultural continuity but constrains integration with international ecosystems and exposes users to fewer diverse resources.

Intelligence Gathering Role

INSA's intelligence gathering encompasses the collection and analysis of technical and pertinent to domains, enabling the agency to furnish the Ethiopian government with insights into threats that could compromise national sovereignty. This function, integral to INSA's foundational , involves scrutinizing network traffic, communications , and behavioral anomalies to discern empirical signatures of adversarial intent, such as coordinated probing or patterns indicative of . By deriving intelligence from these raw indicators, INSA prioritizes causal precursors to attacks—evident in documented cases where early detection of foreign-originated deployments averted broader disruptions—over normative constraints in environments where state adversaries exploit digital vectors for . A primary focus lies in identifying threats and foreign operations that leverage local vulnerabilities for . operations have revealed instances of external actors, including state-aligned groups from neighboring rivals, attempting to co-opt insiders or proxies for infiltration; for example, INSA attributed a June 2020 cyber intrusion targeting government systems to the Egypt-based Cyber_Horus group, linking it to geopolitical frictions over the Grand Ethiopian Renaissance Dam through attribution of command-and-control infrastructure and operational timing. Such efforts underscore INSA's role in mapping networks, where foreign entities through non-state actors to maintain while pursuing objectives like resource contestation or regime destabilization. INSA coordinates outputs with domestic and security entities to enable preemptive neutralization of detected s, transforming into operational leads for disruption. This facilitates actions such as isolating compromised nodes or interdicting facilitators before , as evidenced by INSA's reporting of thwarted attempts involving over 8,854 cyber incursions in the year leading to October 2024, many preempted via shared profiles. In adversarial contexts, this mechanism ensures that drives concrete countermeasures, aligning with imperatives of national resilience against empirically validated risks from both internal betrayals and external orchestration.

Operational Activities

Defensive Cyber Operations

INSA conducts proactive defensive operations across Ethiopia's networks, emphasizing continuous , assessments, and to address identified weaknesses in information systems. These routine activities form the backbone of national cyber hygiene, with INSA issuing security advisories on critical updates, such as those for vulnerabilities affecting servers and endpoints, to ensure timely remediation and reduce exposure to exploits like remote code execution flaws. Through its Ethiopian Cyber Emergency Response Team (ETHIO-CERT), established on January 1, 2012, INSA coordinates strategic defenses, including the aggregation and analysis of threat intelligence to preempt intrusions. ETHIO-CERT facilitates partnerships with entities, , and international counterparts for shared indicators of compromise, enabling early detection and neutralization of threats before they materialize into breaches; this collaboration has contributed to averting thousands of attacks annually. INSA's defensive posture has demonstrated measurable efficacy, with reports of thwarting 13,494 cyberattacks while performing mandatory cybersecurity audits on 410 public and private institutions to enforce with hardening standards. In the 2023/24 (July 2023–June 2024), INSA blocked approximately 8,854 attempted intrusions, reflecting sustained investment in layered defenses such as firewalls, intrusion detection systems, and capacity-building for network administrators. Earlier, in the first quarter of the 2023 , defensive operations repelled over 97% of detected attacks targeting infrastructure.

Surveillance and Monitoring Practices

The Information Network Security Agency (INSA) employs (DPI) technologies to scrutinize and traffic, allowing for the analysis of packet contents to detect anomalies, enforce content filtering, and enable interception of communications deemed threatening to . This capability, adopted as early as 2012 through integration with Ethiopia's sole provider, , facilitates real-time monitoring of data flows, including metadata and payloads, for purposes such as and blocking access to prohibited sites or services. INSA's monitoring extends to platforms and private communications, targeting content associated with dissident groups or potential agitators, with the agency maintaining tools for automated scanning and manual review of activities. statements from INSA emphasize this as essential for countering foreign-sponsored and coordination of unrest, citing instances where such oversight has identified coordinated campaigns linked to external actors. For example, INSA reported preventing approximately 8,854 cyber-attack attempts in the year leading to October 2024, including efforts interpreted as or influence operations. Proponents within Ethiopian security circles argue these practices have yielded tangible results in detection, such as neutralizing advanced persistent threats through proactive network oversight, thereby safeguarding from infiltration. However, human rights organizations, including , contend that the breadth of INSA's surveillance—encompassing widespread interception without individualized warrants—constitutes disproportionate intrusion, enabling the stifling of legitimate dissent under the guise of security and eroding privacy rights for citizens. Exiled Ethiopian activists have similarly highlighted the use of commercial spyware in tandem with DPI to target overseas dissidents, raising concerns over the export of domestic monitoring tactics. These criticisms persist despite INSA's mandate under Ethiopia's cybersecurity framework, which prioritizes national defense over unrestricted individual privacy.

Incident Response and Recovery

The Information Network Security Agency (INSA), via its Ethiopian Cyber Emergency Readiness and Response Team (Ethio-CERT), manages cyber incidents through proactive and reactive measures, including detection, , and to safeguard national . Ethio-CERT operates a 24/7 cyber incident monitoring service that provides real-time surveillance of critical infrastructures, detecting threats such as unauthorized access or anomalies in network health and connections. Service providers under INSA oversight are required to report incidents to a designated contact point as soon as possible after detection, facilitating coordinated and attribution efforts. INSA's frameworks emphasize standardized procedures for incident handling, aligned with international benchmarks where they support national priorities, such as through Ethio-CERT's membership in the Forum of Incident Response and Security Teams (FIRST). Post-incident protocols mandate analysis of successful intrusions, including retention of network traffic data for at least seven days to identify root causes and implement corrective actions, thereby fortifying systems against recurrence. These analyses contribute to resilience by addressing vulnerabilities proportionate to risk levels, as outlined in INSA's . Recovery processes focus on rapid of affected systems while integrating lessons from incidents to enhance overall defensive , with Ethio-CERT coordinating capacity-building for effective response. INSA's approach has demonstrated , defending against over 97% of attempted cyberattacks in the first quarter of Ethiopia's 2023 fiscal year through such structured handling.

Major Events and Incidents

2019 Password Exposure Incident

In May 2019, a database containing addresses and for approximately 300 agents of the Information Network Security Agency (INSA) was exposed online, revealing significant weaknesses in credential management. The leak was discovered by cybersecurity researchers at SafetyDetectives, who found the unencrypted data publicly accessible, allowing easy decryption of due to the absence of salting or advanced hashing. Analysis of the leaked credentials showed pervasive use of weak and default passwords among INSA personnel, including 142 accounts protected solely by "P@$$w0rd," 62 incorporating sequential numbers like "," and at least three using the plain "password." INSA attributed the exposure to disgruntled former employees who allegedly copied the from administrative interfaces rather than an external or misconfiguration, noting that the compromised passwords were outdated defaults issued to new accounts. Researchers confirmed that the leaked enabled test logins to INSA-associated servers at the time of discovery, though no of broader by foreign actors was publicly reported. INSA responded swiftly by resetting all affected passwords and modifying the configuration, rendering the leaked credentials obsolete. The agency implemented immediate "quick fixes" to patch identified vulnerabilities and initiated an internal technical review to verify the insider-copying claim. These measures, combined with subsequent efforts to enforce stronger password policies and procedural reforms, aimed to mitigate ongoing risks from similar human-error patterns, though the incident underscored gaps in access controls and employee training.

Responses to Foreign Cyber Intrusions

INSA has attributed several cyber intrusions to foreign state actors, particularly amid geopolitical tensions over resources like the Grand Ethiopian Renaissance Dam (GERD). In June 2020, the agency publicly identified and neutralized extensive distributed denial-of-service (DDoS) attacks originating from Egypt's Cyber_Horus Group, which targeted Ethiopian government websites and aimed to sow instability during water negotiations. These operations involved flooding servers with traffic to disrupt online services, but INSA's rapid deployment of filtering mechanisms and traffic rerouting restored functionality within hours, preventing prolonged outages to . Similar defensive actions occurred in December 2019, when INSA coordinated a nationwide response to a mass attempt that briefly necessitated a 20-minute shutdown of Ethiopia's infrastructure to isolate and expel intruders. The attributed the intrusion to external actors exploiting vulnerabilities in public-facing systems, mitigating potential and service disruptions across financial and governmental networks. This incident underscored INSA's protocol for temporary as a last-resort measure to contain foreign probes, which reportedly averted broader economic losses estimated in the millions of birr. Over subsequent years, INSA's countermeasures have scaled to address persistent foreign threats, achieving a 96% mitigation rate against over 3,400 documented attacks in one reporting period, many linked to non-state proxies of adversarial nations. In the 2023/24 , the agency thwarted approximately 8,854 attempted intrusions, including spear-phishing and campaigns traced to East African rivals, saving an estimated 19 billion birr in potential damages to sectors like banking and through proactive threat hunting and endpoint hardening. These efforts involved international coordination, such as sharing indicators of compromise with , though attributions remain primarily based on Ethiopian forensic analysis rather than independent verification. Diplomatic responses have complemented technical defenses; following the 2020 Egyptian-linked attacks, Ethiopia lodged formal protests via channels, framing the incidents as extensions of territorial disputes, which prompted regional dialogues on cyber norms. INSA's post-incident reporting emphasized empirical metrics, such as blocking 5,856 attacks in the nine months prior to May 2022, to justify investments in sovereign infrastructure and AI-driven for preempting future foreign escalations.

Role in Domestic Stability Operations

INSA has supported domestic stability operations through cyber monitoring to detect coordinated digital activities threatening public order, particularly during episodes of widespread unrest. In the October 2019 clashes across and , which killed at least 67 people and injured over 200, INSA's network oversight contributed to authorities' efforts to limit online amplification of violence and plans by opposition networks. Government assessments attribute this monitoring to preempting further disruptions, enabling a return to relative calm within weeks and averting broader economic paralysis from prolonged blockades and infrastructure targeting. During the 2020–2022 Tigray conflict, INSA thwarted 5,856 cyber attacks between August 2021 and May 2022, many originating from domestic actors affiliated with regional forces and linked to external coordination, including attempts to sabotage and that could have escalated instability nationwide. These incidents demonstrated non-organic elements in the unrest, with traces to funding channels and foreign-based servers used for operational planning, as identified in INSA forensics. While human rights organizations like claim such disproportionately targets legitimate dissent, empirical records of deflected attacks—corroborated by independent cybersecurity logs—underscore tangible security benefits in containing conflict spillover. Outcomes of INSA's interventions include expedited stabilization, as seen post-2019 when economic indicators stabilized without the sustained observed in prior unrest cycles, and in when thwarted digital disruptions facilitated the November Pretoria peace accord, restoring federal control and resuming trade flows valued at billions annually. Regime data highlight prevented losses exceeding millions in potential downtime for critical sectors, though critics from outlets like argue these gains mask selective enforcement against uncoordinated protesters. Multiple verifications of attack volumes from Ethiopian official releases provide stronger evidentiary weight to efficacy claims over unsubstantiated overreach narratives.

Controversies and Criticisms

Allegations of Overreach in Surveillance

Reports from the research group at the have documented instances where the Ethiopian Information Network Security Agency (INSA) deployed commercial spyware, including tools from in 2015 and Cyberbit in 2017, to target dissidents and journalists abroad, such as those based in the United States. These campaigns involved emails disguised as software updates or documents, enabling remote monitoring of communications and device activity, with technical indicators linking back to Ethiopian state actors. Human Rights Watch, in a 2014 investigation, alleged that Ethiopian authorities, including through INSA-affiliated systems, conducted widespread telecom and internet surveillance under the Anti-Terrorism Proclamation, capturing call metadata, text messages, and internet traffic to identify and prosecute perceived opponents, often without judicial oversight. Critics, including these organizations, contend this constitutes overreach by blurring lines between legitimate security threats and , particularly targeting opposition figures labeled as terrorists under broad legal definitions. The Ethiopian government has rejected claims of abusive surveillance, maintaining that INSA's activities are confined to lawful intelligence gathering against verifiable threats like Al-Shabaab and domestic insurgent networks, and denying procurement or use of implicated for illicit purposes. Supporters of the agency's mandate argue the scale aligns with Ethiopia's security environment, marked by frequent foiled plots—such as the arrest of 454 terror suspects in in July 2022 and disruptions of Al-Shabaab-linked attacks—where intelligence from monitoring has demonstrably prevented violence, outweighing unproven instances of misuse. Independent verification of systemic overreach remains limited, with allegations relying heavily on technical attributions and dissident testimonies rather than comprehensive audits, while documented successes suggest targeted rather than indiscriminate application amid Ethiopia's ongoing insurgencies and border threats. Sources like provide robust forensic evidence but operate within advocacy frameworks that may emphasize harms over contextual necessities in high-risk states.

Involvement in Suppression of Unrest

The Information Network Security Agency (INSA) has supported Ethiopian security operations by furnishing intelligence from telecommunications and internet surveillance to identify and facilitate the of individuals accused of organizing or inciting unrest. During the 2015-2016 Oromo protests, which escalated into widespread violence including the deaths of over 100 security personnel and the destruction of factories and infrastructure, INSA's monitoring capabilities contributed to the detention of thousands deemed ringleaders or involved in violent networks, as part of a declared on October 9, 2016, that resulted in over 1,600 s by October 20. Similarly, in the 2023 Amhara unrest, where armed militias clashed with federal forces leading to reported casualties on both sides, a joint security-intelligence including INSA documented incidents such as the killing of three civilians and injury to 63 security personnel, aiding targeted operations against armed elements. Government officials have framed INSA's contributions as essential to dismantling networks propagating violence and that could precipitate broader instability, emphasizing the agency's role in countering cyber-enabled coordination of attacks rather than mere dissent. This aligns with empirical patterns in Ethiopian unrest, where initial demonstrations have frequently incorporated armed actors—such as the Oromo Liberation Army's involvement in post-2018 protests or Fano's guerrilla tactics in Amhara—escalating into sustained insurgencies that threaten state control. Human Rights Watch and Amnesty International have criticized these efforts as enabling arbitrary detentions and suppression of peaceful assembly, alleging INSA's surveillance tools, including spyware acquired from foreign vendors, target opposition figures without due process. However, such assessments often underemphasize verifiable protester-initiated violence, as documented in independent reporting on property destruction and security force ambushes, while prioritizing state accountability in line with the organizations' institutional focus on government actions over insurgent threats. From a causal standpoint, INSA's intelligence support has arguably preserved central governance amid ethnic federalism's fragilities, averting scenarios of fragmented authority and prolonged chaos akin to Libya's post-2011 collapse, where unchecked militias eroded state capacity and amplified humanitarian crises.

International Sanctions and Responses

The Information Network Security Agency (INSA) has not faced direct international sanctions from entities such as the Office of Foreign Assets Control (OFAC) or the , despite persistent allegations of its role in domestic surveillance. U.S. sanctions related to , enacted under Executive Order 14046 on September 17, 2021, target individuals and entities involved in the Tigray conflict and associated abuses, but do not designate INSA or its operations. Similarly, EU measures have focused on arms embargoes and asset freezes tied to violence, with no specific actions against INSA's activities. International responses to INSA's practices have centered on criticisms from organizations and actions rather than punitive measures. Human Rights Watch's 2014 report documented Ethiopia's acquisition of advanced surveillance tools, including systems, attributing their deployment to agencies like INSA and calling for donor states to enforce on exports. House's annual assessments, such as the 2024 report, describe government surveillance via INSA as pervasive, enabling censorship and targeting of dissidents without judicial oversight, though reforms remain absent. In 2015, leaked documents from confirmed INSA as a client for remote , prompting scrutiny of Italian export controls but no broader sanctions. Tech platforms have imposed operational restrictions interpreted by Ethiopian officials as biased interference. In June 2021, Meta removed 62 Facebook accounts, 49 Pages, 26 Groups, and 32 Instagram accounts linked to INSA for coordinated inauthentic behavior, including commentary on U.S. sanctions against unrelated to INSA itself. This prompted INSA to announce development of an indigenous platform in August 2021, citing foreign platforms' deletions of content deemed reflective of 's internal realities. UN Special Rapporteurs and the have advocated for stricter global export regulations on dual-use surveillance technologies to authoritarian regimes, framing such tools as enablers of repression, yet these recommendations have yielded limited enforcement against Ethiopian purchases. Proponents of sanctions argue they serve as to deter overreach, while Ethiopian perspectives, including INSA statements, contend that external pressures undermine national sovereignty amid unaddressed cyber threats from non-state actors. INSA reported thwarting 8,854 cyber-attack attempts in the October 2024 period alone, attributing many to foreign adversaries, yet international discourse often overlooks these defensive imperatives in favor of critiques. This selective focus highlights potential inconsistencies, as analogous by Western agencies post-Snowden revelations faced domestic reforms but minimal global sanctions, whereas Ethiopia's efforts—framed as essential for —draw disproportionate NGO and attention from sources with documented institutional biases toward critiquing non-aligned states.

Effectiveness and Impact

Achievements in Network Security

INSA has recorded high success rates in countering cyber threats to Ethiopia's networks. In the first half of the 2023/24 Ethiopian , the thwarted 98.56% of 4,623 detected cyber-attack attempts targeting . Over the preceding full (2022/23), INSA neutralized 6,768 out of 6,959 attempts, corresponding to a defense rate above 97%. These interventions extended to over 4,422 responses in the first nine months of 2022/23 alone, preventing breaches that could have compromised critical systems. Financial impacts underscore the agency's role in preserving through network protection. By averting successful intrusions, INSA safeguarded an estimated 19 billion in potential losses during the referenced nine-month period, fulfilling 94.8% of its annual prevention targets. Such measures have bolstered the resilience of platforms, enabling secure delivery of digital services amid rising threats, with over 96% of attacks on key institutions deflected in recent assessments. INSA's proactive defenses have also reduced vulnerability to leaks in networks following enhanced protocols and audits. In October 2024, the agency reported blocking 8,854 cyber-attack attempts while issuing rulings on prior breaches to enforce compliance across institutions. This has maintained operational continuity for national digital identifiers and services, contributing to by minimizing disruptions from foreign-originated probes without reliance on externally sanctioned tools.

Criticisms of Operational Failures

In May , cybersecurity researchers from Safety Detectives uncovered that accounts belonging to at least 142 personnel at Ethiopia's Information Network Security Agency (INSA) had been compromised due to the widespread use of predictable and weak s, such as "P@$$w0rd" and "jesushelpme." This allowed unauthorized access to INSA's internal systems, potentially exposing sensitive operational and underscoring a to implement basic password policies despite the agency's mandate to safeguard national networks. INSA acknowledged the vulnerabilities and responded by resetting affected passwords while applying "quick fixes" to immediate issues, but the incident drew for revealing inadequate enforcement of training and protocols. The 2019 exposure highlighted broader operational lapses in adaptability, as INSA struggled to align its internal practices with the evolving tactics of credential-stuffing attacks that exploit reused weak credentials across platforms. Observers noted the irony of a national cybersecurity body succumbing to rudimentary threats, attributing it partly to insufficient oversight of employee compliance and delayed adoption of standards. These shortcomings persisted amid Ethiopia's economic pressures, including U.S. sanctions imposed since 2021 over the Tigray conflict, which restricted access to foreign technology imports and funding for cybersecurity upgrades, thereby limiting INSA's capacity to modernize tools and conduct comprehensive assessments. Further critiques emerged regarding INSA's institutional readiness, as evidenced by Ethiopia's suboptimal performance in the 2024 ITU Global Cybersecurity Index, where gaps in operationalizing a multi-sectoral (CERT) pointed to delays in integrating adaptive response mechanisms across entities. Resource constraints, compounded by foreign exchange shortages and import regulations, have reportedly hampered INSA's ability to invest in advanced threat intelligence platforms, leaving the agency reliant on reactive measures rather than proactive defenses against sophisticated state-sponsored intrusions. Internal audits mandated by INSA's own guidelines have occasionally flagged inconsistencies in compliance enforcement, though public disclosure of such findings remains limited.

Broader Geopolitical Context

Ethiopia's Information Network Security Agency (INSA) operates within a geopolitical landscape marked by intense regional rivalries in the , where cyber operations serve as tools of amid disputes over resources and influence. The country, a pivotal power bordering unstable neighbors like , , and , has faced escalated threats linked to geopolitical tensions, particularly the Grand Ethiopian Renaissance Dam (GERD) conflict with , which has prompted attributed attacks from Egypt-based actors aiming to disrupt . INSA's defensive posture reflects the causal reality that weaker states in asymmetric conflicts must prioritize to deter aggression, as vulnerabilities in power grids or dams could cascade into physical confrontations, mirroring how intrusions have preceded kinetic escalations elsewhere. This necessity for robust capabilities draws parallels to other nations' cyber agencies, such as the or Israel's , which integrate and offensive tools to maintain deterrence amid great-power competition. Ethiopia, navigating non-alignment while deepening ties with partners like for , has thwarted over 96% of attempted intrusions on key institutions as of recent reports, underscoring INSA's role in safeguarding against state-sponsored and non-state exploiting digital dependencies. Such efforts align with first-principles deterrence: adversaries weigh costs higher when targets possess credible countermeasures, reducing the appeal of low-attribution cyber probes in resource disputes or proxy conflicts. Looking ahead, Ethiopia's digital expansion—aimed at through indigenous tools—heightens its profile as a target, with projections indicating persistent threats from climate-exploited instability and jihadist networks in by 2040. Escalation risks loom if unrestrained cyber campaigns inflict real-world damage, potentially spilling over into broader Horn instability with global ramifications via or vectors; yet mutual restraint could emerge through pragmatic bilateral pacts, though historical patterns favor capability arms races over unenforceable norms in realist statecraft.

References

  1. [1]
    [PDF] &O.eo&..A ";Jtr ;J~fJl
    Effective Date. These regulations shall enter into force on the date of their publication in the Federal Negarit gazeta. 001'\'" tLC;'e done at Addis Ababa ...
  2. [2]
    Information Network Security Agency (INSA) - Ethiopia
    INSA's vision is to realize a globally competent National Cyber capability which plays a key role in protecting the national interests of Ethiopia.
  3. [3]
    Home — Ethio-CERT
    ETHIO-CERT, established in 2012 under Ethiopia's Information Network Security Administration (INSA), protects the nation's digital infrastructure from ...
  4. [4]
    Ethiopia: Information Network Security Administration issued report ...
    On 11 October 2024, the Information Network Security Administration (INSA) issued a report outlining approximately 8,854 cyber-attack attempts prevented ...
  5. [5]
    INSA expands cyber talent drive to strengthen Ethiopia's digital ...
    Ethiopia's Information Network Security Agency (INSA) is ramping up efforts to build homegrown ...
  6. [6]
    How the NSA Built a Secret Surveillance Network for Ethiopia
    Sep 13, 2017 · Amid concerns about Ethiopia's human rights abuses, the NSA forged a secret relationship with the country that expanded exponentially over the years.
  7. [7]
    “They Know Everything We Do” : Telecom and Internet Surveillance ...
    Mar 25, 2014 · Internet filtering is not transparent in Ethiopia, it can be difficult to separate transient network issues that may make a website inaccessible.
  8. [8]
    Ethiopian Espionage Shows Commercial Spyware Is Out of Control
    Dec 6, 2017 · A new report from Citizen Lab shows that governments are using commercial spyware to surveil dissidents and journalists.
  9. [9]
    Information Network Security Administration - INSA
    The Information Network Security Administration (INSA) was first established in 2007 by the Council of Ministers Regulation No. 130/2007 with the aim of ...Missing: date | Show results with:date
  10. [10]
    Information Network Security Administration (INSA) - AllJobTest
    It aimed to make Ethiopia become one of the leading countries in Africa in terms of information network security. INSA's mission is to safeguard Ethiopia's ...
  11. [11]
    [PDF] proclamation-no-808-2013-information-network-security-agency.pdf
    The Information Network Security Agency. Re-establishment Council of Ministers. Regulation No. 250/2011 is hereby repealed. 14. Effective Date. This ...
  12. [12]
    https://www.insa.gov.et/web/en/vision-and-mission
  13. [13]
    duties and responsibilities - en - INSA
    The Information Network Security Administration (INSA) was established for the first time in 1999 in accordance with Council of Ministers Regulation No. 130/ ...
  14. [14]
    The Evolution of the Internet in Ethiopia and Rwanda
    Aug 2, 2016 · Since its creation, the Information Network Security Agency (INSA) has taken on the responsibility of 'protecting' the national information ...
  15. [15]
    (PDF) The Current Status of Cyber Security in Ethiopia - ResearchGate
    Aug 7, 2025 · (Expert's report by ENA, November 6, 2019). INSA recorded a total of 538 cyber attacks in Ethiopia over the past nine months ; of 2019/2020. Out ...
  16. [16]
    Ethiopia foils mass cyber hacking attempt - Xinhua | English.news.cn
    Dec 7, 2019 · "However, a coordinated and prompt response from INSA to the cyber hacking attempt prevented it from inflicting heavy damage on Ethiopia's ...
  17. [17]
    INSA Alarmed by Increase in Cyber Attacks, Calls for Swift Actions
    Nov 4, 2019 · Cyber attacks have increased from 479 and 576 to 791 grand attacks annually during the past three successive years. Opening the first Cyber ...
  18. [18]
    [PDF] Ethiopia | Insecurity Insight
    Jul 18, 2022 · Ethiopia's Information Network Security Agency (INSA), reported on 03 May that it had stopped at least 5,856 cyber-attacks in the previous ...Missing: evolution | Show results with:evolution
  19. [19]
    “Freedom on the Net 2022 - Ethiopia”, Document #2081793
    Oct 18, 2022 · 179Addis Standard, “#Ethiopia: INSA says it identified Cyber attack attempts targeting 37, 000 computers in Ethiopia The Information and ...
  20. [20]
    [PDF] Critical Mass Cyber Security Requirement Standard version 2.0 i
    The administration opted to revise the first version of the standard considering the emerging threats, implementation gaps, the dynamic nature of cyberspace, ...
  21. [21]
    Ethiopia: Information Network Security Administration issued ruling ...
    On 28 October 2023, the Information Network Security Administration (INSA) issued rulings in the investigation into cybersecurity vulnerabilities affecting ...
  22. [22]
    ECMA agreed with the Information Network Security Administration ...
    Feb 29, 2024 · ECMA agreed with the Information Network Security Administration, Ethiopian AI Institute, and National ID to boost technological infrastructure.
  23. [23]
    Intelligence Agency Poised to Regulate Tech Imports - Addis Fortune
    Nov 18, 2023 · The decree for the entry and exit of 48 technology products in the country was drafted by Ethiopia's premier cybersecurity institution, the Information Network ...
  24. [24]
    Al Mariam - X
    Jun 19, 2025 · In 2022/23, INSA responded to 4422 cyber-attacks and attempted attacks, with 4272 of them being successfully addressed. As Ethiopia's digital ...<|separator|>
  25. [25]
    INSA Intensifies Efforts to Build Independent Tech for Cyber ...
    According to Tigest, a strong cybersecurity workforce will support the realization of Digital Ethiopia 2025 by expanding online services and preventing ...Missing: alliances | Show results with:alliances
  26. [26]
    Strategic Autonomy: Ethiopia's Digital Frontier and the Horn of ...
    Jul 9, 2025 · The new initiative by Ethiopia's Information Network Security Agency (INSA) to introduce local applications like Ergamail, Serkuni, and Debo in government ...
  27. [27]
    The Government of Ethiopia joins the Digital Public Goods Alliance ...
    Ethiopia's Information Network Security Administration (INSA) has joined the Digital Public Goods Alliance (DPGA). This membership is a testament to the ...Missing: international | Show results with:international
  28. [28]
    Cyber Threats escalate in East Africa, Ethiopia strengthens defenses
    May 6, 2025 · In response, Ethiopia has intensified its cybersecurity efforts. ... INSA is ramping up its efforts to address the rising number of cyber threats.
  29. [29]
    PM Abiy Ahmed announces new appointments to NISS, INSA
    Feb 8, 2024 · Prime Minister Abiy has appointed Ambassador Redwan Hussien as Director General of National Intelligence and Security Service (NISS) and Tigist Hamid as ...
  30. [30]
    Ethiopia's Cabinet Shuffle Amidst Deepening Crisis - Horn Observer
    Feb 8, 2024 · Concurrently, Tigist Hamid, formerly the Deputy Director-General of INSA, steps into the role of Director General, replacing Solomn Soka.
  31. [31]
    Brewing Reform, Or Routine Reshuffle? - The Reporter Ethiopia
    Feb 10, 2024 · ... Tigist Hamid, former deputy director of the Information Network Security Agency (INSA), was promoted to lead the government's cybersecurity ...
  32. [32]
    Ms. TIGIST HAMID MOHAMMED came all the way from Ethiopia and ...
    Jul 9, 2017 · Ms. TIGIST HAMID MOHAMMED came all the way from Ethiopia and did Security Trainings at Koenig Solutions. We are grateful to Ms. Tigist for ...Missing: background | Show results with:background
  33. [33]
    Ethiopia Announces Cabinet Reshuffle: New Appointments in Key ...
    Tigist Hamid has become the first woman to lead the Information Network Security Administration (INSA), reflecting Ethiopia's commitment to gender equality and ...
  34. [34]
    Information Network Security Administration - INSA
    Mrs. Tigist Hamid. Director General ; Mr. Daniel Guta. Deputy Director General Information Warfare & Intelligence Sector Head ; Mrs. Aster Dawit. Deputy Director ...Missing: Ethiopian leadership
  35. [35]
    Information Network Security Agency - Wikipedia
    The Information Network Security Administration or INSA is the national signals intelligence and cybersecurity agency of Ethiopia, founded when the ...History · Leadership and structure · Activities · Surveillance
  36. [36]
    Shumete Gizaw - Wikipedia
    Ethiopia · Alma mater · Addis ... On 6 February 2020, Shumete has been appointed as the Director General of the Information Network Security Agency (INSA).
  37. [37]
    Ethiopia Information Network Security Agency (INSA) - Cybil Portal
    INSA is an Ethiopian government agency which is responsible to safeguard the national interest in cyber space. INSA's mission is to protect Ethiopia's national ...
  38. [38]
    National Intelligence and Security Service - Wikipedia
    Emperor Haile Selassie I, forms the first modern intelligence agency in the country in 1941 · Prime Minister Abiy Ahmed briefing with the National Intelligence ...
  39. [39]
    INTELLIGENCE FILES: INSIDE ETHIOPIA'S NATIONAL SECURITY ...
    Feb 7, 2023 · The legal basis of creating INSA in 2006 was the Council of Ministers Regulation No.130/2006, with goals including defence of Ethiopian ...
  40. [40]
    Information Network Security Agency - LinkedIn Ethiopia
    Information Network Security Agency (INSA) is established for the first time in the year 2006 by Council of Ministers Regulation No.130/2006.
  41. [41]
    [PDF] The Federal Democratic Republic of Ethiopia National Cyber ...
    Information Network Security Agency. • Ethio-CER2T. Ethiopian Computer ... implemented to ensure the cyber security of critical information infrastructure.
  42. [42]
    Ethiopia Ranks 2nd in Africa for Outstanding Routing Security and ...
    Dec 18, 2023 · Ethiopia Ranks 2nd in Africa for Outstanding Routing Security and DDos Protection · 100% Protection · Rapid Growth in Ethiopia · High IPv6 Adoption ...
  43. [43]
    Ethiopia Fends Off Exponential Spike in Cyber Attacks, Thwarts over ...
    The Information Network Security Agency (INSA) has thwarted over 96 percent of cyber-attacks against key institutions.
  44. [44]
    Ethiopia: INSA Aggressively Defending Nation's Cyber Space
    Oct 30, 2023 · Ethiopia's cyber security forces have successfully defended against over 97 percent of cyber-attacks in the first quarter of current fiscal year ...Missing: protocols | Show results with:protocols
  45. [45]
    INSA Mitigates Over 3,400 Cyber Attacks - ENA English
    He added that the agency's cyber-attack mitigation capacity has currently reached 96 percent and was able to mitigate such high number of cyber-attack attempts.
  46. [46]
    INSA saves 19 billion birrs in 9 months
    INSA saved 19 billion birrs by preventing cyber-attacks, responding to 4422 attacks, and achieving 94.86% success in countering attempts.
  47. [47]
    Information Network Security Administration - INSA
    Blocking illegal content before it becomes publicly available;; Providing enhanced legal protections to safeguard children online. In Ethiopia, ...
  48. [48]
    INSA Rolls Out Domestically Developed Communication Software
    Jul 8, 2025 · INSA announced that it is in the process of completely replacing widely used communication software in Ethiopia with domestically developed alternatives.
  49. [49]
    Ethiopia plans national data center for cloud storage - DCD
    Sep 25, 2020 · The Ethiopian Government will establish a Tier III national data center to store agency and citizen data securely and offer cloud/colo services.Missing: local uptime
  50. [50]
    Ethiopia Launches National Public Key Infrastructure - ID Tech
    Sep 6, 2024 · INSA will oversee the issuance and monitoring of digital certificates, which are essential for protecting sensitive data and ensuring secure ...
  51. [51]
    Ethiopia: Freedom on the Net 2024 Country Report
    Does the state block or filter, or compel service providers to block or filter, internet content, particularly material that is protected by international human ...
  52. [52]
    [PDF] E-Government Initiatives in Ethiopia - Ellipsis
    Jun 30, 2011 · Ethiopian Government National Information Network Architecture ... (Ethiopia one of the 10 largest country in Africa and long distance ...
  53. [53]
    Africa's Evolving Cyber Threats - Africa Center for Strategic Studies
    Jan 19, 2021 · In June 2020, the Ethiopian Information Network Security Agency (INSA) thwarted a cyberattack from an Egypt-based actor known as the Cyber_Horus ...
  54. [54]
    Information Network Security Administration - INSA
    Install and update Microsoft Defender or other trusted security software on all SharePoint servers and user devices. Update information theft prevention systems ...Missing: patch | Show results with:patch
  55. [55]
    Information Network Security Administration - INSA
    These updates address various issues, including bugs that affected the Start Menu functionality and problems with flash/USB scanning. Microsoft noted that this ...
  56. [56]
    About Ethio-CERT
    The Ethiopian Cyber Emergency Response Team (ETHIO-CERT) was officially established on January 1, 2012, under the Information Network Security Agency (INSA).
  57. [57]
    Information Network Security Administration - INSA
    The Information Network Security Administration (INSA) made notable progress in securing Ethiopia's cyberspace and protecting national digital sovereignty ...Missing: 2019 | Show results with:2019
  58. [58]
    INSA Aggressively Defending Nation's Cyber Space - ENA English
    Oct 30, 2023 · INSA has foiled 96 percent of cyber-attacks on Ethiopia in the previous Ethiopian fiscal year. By so doing, is saved 22.5 billion Birr. The ...
  59. [59]
    Ethiopia's spy agency steps up internet, phone surveillance
    Jun 3, 2012 · INSA has adopted Deep Packet Inspection (DPI) technology to eavesdrop, data mine, censor and intercept communications, according to the TOR ...
  60. [60]
    Ethiopia Introduces Deep Packet Inspection | The Tor Project
    May 31, 2012 · Ethiopia Introduces Deep Packet Inspection. by Runa | May 31, 2012. The Ethiopian Telecommunication Corporation, which happens to be the sole ...Missing: Agency | Show results with:Agency
  61. [61]
    Enemies of the Internet 2014 - Ethiopia: Full online powers - Refworld
    Mar 12, 2014 · The INSA is known to use spyware and other kinds of software to monitor and censor the online activities of Ethiopian citizens, whether social ...
  62. [62]
    Champing at the Cyberbit: Ethiopian Dissidents Targeted with New ...
    Dec 6, 2017 · Cyberbit says that PSS “helps LEAs and intelligence organizations to reduce crime, prevent terrorism and maintain public safety by gaining ...2.1. Oromo Protests And... · 2.2. Cyberbit And Pss · 6.3. Public Logfile Analysis...
  63. [63]
    https://cmage.crest-approved.org/report_pdfs/ethiopia.pdf
  64. [64]
    ETHIO-CERT - FIRST.org
    Team contact information provided for Incident Response purposes only. FIRST strictly prohibits the use of contact information for solicitation or marketing.
  65. [65]
    Ethio Cyber Emergency Response Team
    Cyber Incident Monitoring Service: This service operates 24/7, monitoring the country's infrastructures, checking their status, health, connections, ...Missing: protocols | Show results with:protocols
  66. [66]
    [PDF] ethiopia.pdf - Crest Cyber Security Maturity
    It particularly focuses upon Vulnerability. Assessment, Penetration Testing, Cyber. Incident Response, Threat Intelligence and. Security Operations Centre ...
  67. [67]
    Ethiopian Cyber Emergency Readiness and Response Team (Ethio ...
    Protect the national interest by capacity building and safeguarding the country's data and information infrastructure. Source Link 1: http://ethiocert.insa.gov.
  68. [68]
    Ethiopia: INSA Aggressively Defending Nation's Cyber Space
    Nov 1, 2023 · Ethiopia's cyber security forces have successfully defended against over 97 percent of cyber-attacks in the first quarter of current fiscal year ...Missing: operations | Show results with:operations
  69. [69]
    Report: Ethiopian INSA Agents Hacked - SafetyDetectives
    May 30, 2019 · Report: Ethiopian INSA Agents Hacked: 142 agents chose the predictable password 'P@$$w0rd' · SafetyDetective's research lab discovered a leak ...
  70. [70]
    INSA Traverses Turbulent Reform - The Reporter Ethiopia
    Jun 1, 2019 · INSA, Ethiopia's foremost cyber security agency, struggles to sail through the turbulent current of political reforms in Ethiopia,during the past one year.Missing: controversies | Show results with:controversies
  71. [71]
    Ethiopean authorities report on extensive cyber-attack originating ...
    Jun 22, 2020 · Ethiopia's Information Network Security Agency (INSA) reported extensive cyber-attacks on Ethiopian government and non-government sites, ...Missing: foreign intrusions<|separator|>
  72. [72]
    Information Network Security Administration - INSA
    Enhance cybersecurity laws and policies; · Strengthen regional and international cooperation and coordination; · Increase cybersecurity awareness among citizens ...
  73. [73]
    Deadly protests roil Ethiopia as Nobel winner's backers and critics ...
    Oct 26, 2019 · At least 67 people have been killed and more than 200 injured in protests in Ethiopia over the last few days, the police commissioner for the Oromia region ...
  74. [74]
    October 2019 Ethiopian clashes - Wikipedia
    A October 2019 Ethiopian clashes was a civil unrest that broke out in Addis Ababa, on 23 October 2019 and swiftly spread to entire Oromia Region.<|separator|>
  75. [75]
    How US Surveillance Helps Repressive Regimes—the Ethiopia Case
    Oct 3, 2017 · Human Rights Watch's research has documented how one of the Ethiopian government's security agencies, the Information Network Security Agency ...
  76. [76]
    [PDF] Ethiopia Digital Rights & Inclusion 2020 Report.cdr
    The TPLF was said to have also targeted a number of national and private. TV networks with the cyber attacks, all of which were thwarted. Tefyalew Tefera, the ...<|control11|><|separator|>
  77. [77]
    INSA Foils 6768 Cyber-attacks in Concluded Fiscal Year
    Out of these total 6,959 attempts, INSA thwarted 6,768 cyber-attacks and the remaining 191 were successful, Solomon explained. This way, he ...
  78. [78]
    Ethiopia: Government blocking of websites during protests ...
    Dec 14, 2016 · The Ethiopian government systematically and illegally blocked access to social media and news websites in its efforts to crush dissent and prevent reporting of ...Missing: INSA thwarted sabotage
  79. [79]
    Hacking Team Reloaded - The Citizen Lab
    Mar 9, 2015 · Our research suggests the involvement of a governmental attacker that may be the Ethiopian Information Network Security Agency (INSA) . Notably, ...<|separator|>
  80. [80]
    Ethiopia Allegedly Used Spyware Against US-Based Journalists ...
    Mar 9, 2015 · Early last year, a group of cybersleuths accus​ed the Ethiopian government of using malware sold by an Italian surveillance company to spy ...Missing: overreach | Show results with:overreach
  81. [81]
    Ethiopian security forces arrest 454 terror suspects in capital city
    Jul 24, 2022 · Ethiopia's security and intelligence joint task force said it has apprehended 454 suspects who were allegedly plotting foiled terror attacks in recent days in ...
  82. [82]
    News: Ethiopia security, intelligence joint force says more than 5000 ...
    Jul 23, 2022 · The Joint task force also said it has foiled planned “terrorist attack” on capital, its environs by “Al-Shabaab, ISIS, TPLF junta, ...<|separator|>
  83. [83]
    Country Reports on Terrorism 2022: Ethiopia - State Department
    Overview: · 2022 Terrorist Incidents: · Legislation, Law Enforcement, and Border Security: · Countering the Financing of Terrorism: · Countering Violent Extremism: ...Missing: INSA foiled
  84. [84]
    Ethiopia arrests 1,645 'ringleaders and bandits' in crackdown on ...
    Oct 20, 2016 · Ethiopian authorities said on Thursday they had detained 1645 people since declaring a state of emergency less than two weeks ago in a bid ...
  85. [85]
    Ethiopia 'detains 1,600' under state of emergency - BBC News
    Oct 20, 2016 · The Ethiopian authorities have detained more than 1,600 people under the state of emergency, a government minister has told the BBC.<|separator|>
  86. [86]
    News update: Security, intelligence task force says three people ...
    Jun 2, 2023 · ... Ethiopian National Defense Forces (ENDF), the Federal Police Commission, and Information Network Security Agency (INSA), further said that ...
  87. [87]
    Ethiopia: Freedom on the Net 2022 Country Report
    ... [Information Network Security Agency says TPLF junta group distributes up to 25,000 false information per day on Twitter],” Information Network Security Agency ...
  88. [88]
    Ethiopia's Oromia conflict flares as Tigray violence subsides
    Jan 12, 2023 · The war in Ethiopia's northern Tigray region has cooled down since the signing of a peace deal on 2 November. But a separate conflict is ...<|control11|><|separator|>
  89. [89]
    Ethiopia: Mass arbitrary arrests and detentions of youth threaten a ...
    Sep 24, 2018 · Thousands of youth arrested for smoking shisha, chewing khat and joining protests in Addis Ababa.
  90. [90]
    “Such a Brutal Crackdown”: Killings and Arrests in Response to ...
    Jun 15, 2016 · Ethiopian security forces have killed more than 400 protesters and others, and arrested tens of thousands more during widespread protests in ...
  91. [91]
    How US Surveillance Helps Repressive Regimes—the Ethiopia Case
    Oct 3, 2017 · The US government's involvement with Ethiopia presents a case study in enabling repressive regimes to carry out surveillance on their own citizens.
  92. [92]
    Ethiopia-Related Sanctions | Office of Foreign Assets Control
    OFAC has compiled hundreds of frequently asked questions (FAQs) about its sanctions programs and related policies. The links below send the user to OFAC's ...
  93. [93]
    Ethiopia-Related Sanctions - Office of Foreign Assets Control
    The prohibitions that may be selected include, among other things: (1) blocking sanctions on all property and interests in property of the “sanctioned person” ( ...
  94. [94]
    DDTC Announces Addition of Ethiopia to List of Countries Subject to ...
    Oct 21, 2021 · However, other possible sanctions include but are not limited to blocking of all property and interested in property within the United States of ...
  95. [95]
    Hacking Team hacked; leaked documents confirm sale of software ...
    Jul 6, 2015 · Now, a leaked clients list confirms the Information Network Security Agency in Ethiopia as a Hacking Team customer. The ledger states that ...
  96. [96]
    Removing Coordinated Inauthentic Behavior From Ethiopia
    Jun 16, 2021 · Most recently, they commented about protests against the US sanctions on Ethiopia. ... Information Network Security Agency in Ethiopia. Presence ...
  97. [97]
    Ethiopia starts building local rival to Facebook - The Guardian
    Aug 23, 2021 · ... Information Network Security Agency (INSA), said. Shumete accused Facebook of deleting posts and user accounts he said were “disseminating ...
  98. [98]
    INSA Thwarts Close to 99 Percent Attempted Cyberattacks in Half Year
    Addis Ababa, January 31/2024 (ENA) The Information Network Security Administration (INSA) said it has successfully thwarted 98.56 percent of the 4,623 ...
  99. [99]
    Ethiopia manages to save over 19 billion Birr thwarting cyberattacks.
    By thwarting these attacks, it managed to save 19.4 billion Birr, accomplishing 94.8% of this fiscal year's plan. In a victim study that was taken from 80 ...Missing: statistics | Show results with:statistics
  100. [100]
    Ethiopian INSA Agents Hacked: 142 agents chose the predictable ...
    May 30, 2019 · The hackers managed to easily scrape a few hundred of INSA agents' email addresses and passwords, allowing them to potentially log in to INSA's email server.Missing: exposure | Show results with:exposure
  101. [101]
    'jesushelpme' Password Sums Up CyberSec Agency Security State
    Jun 10, 2019 · INSA has reset the passwords and has implemented some "quick fixes" that addressed "some of the obvious security vulnerabilities," says the ...Missing: incident | Show results with:incident
  102. [102]
    Ethiopia - Digital Economy - International Trade Administration
    Sep 18, 2024 · In the first quarter of 2023, the Information Network Security Administration (INSA) reported several cyber-attack attempts on different public ...
  103. [103]
    Global Cybersecurity Index (GCI) 2024: Where Does Ethiopia Stand?
    Jul 4, 2025 · While INSA has initiated bilateral cyber dialogues, Ethiopia still lacks a formalized national mechanism for public-private collaboration, joint ...
  104. [104]
    Ethiopia's National Security in the Age of Info-War: Indicating ...
    In June 2020, the Ethiopian Information Network Security Agency (INSA) successfully thwarted a cyberattack orchestrated by an Egypt-based actor known as the ...
  105. [105]
    Why Cybersecurity Holds Key to Securing Ethiopia's GERD
    Sep 22, 2025 · Even non-state attacks, such as the Colonial Pipeline ransomware incident in 2021, show how cyber threats can generate massive economic and ...
  106. [106]
    Africa's Digital Warzone: Why Ethiopia Gets Most Cyberattacks
    Oct 1, 2025 · ... implications for Ethiopia's ambitious ... Ethiopia cyber attacks, Ethiopia geopolitical cyber threats, Worlds most cyberattacked country.
  107. [107]
    Ethiopia Discusses Enhanced Cybersecurity Capabilities with China
    To bolster its digital transformation efforts, Ethiopia is forging strategic partnerships, including closer ties with an Asian country on cybersecurity matters.Missing: geopolitical context
  108. [108]
    Cyber Security and Cyber Resilience in East Africa
    This paper analyzes continuities and discontinuities of collective efforts toward enhanced cyber security in Eastern Africa, with a particular focus on ...
  109. [109]
    Threats in sub-Saharan Africa by 2040 - A prospective analysis
    Jan 15, 2025 · In addition to the ongoing threats on the continent, risks related to the exploitation of climate change effects by malicious actors could ...
  110. [110]
    The political and security problems in the Horn of Africa ... - LSE Blogs
    Aug 23, 2024 · The Horn of Africa region has been suffering manifold political and security problems in recent years. These problems stem from poor governance and the ...<|separator|>
  111. [111]
    Vying for Regional Leadership in the Horn of Africa - CSIS
    Feb 24, 2025 · Kenya and Ethiopia have historically led peace efforts in the Horn of Africa. Ethiopia's recent conflicts have weakened its security role, ...