Following the DGID (General Directorate of Taxes and Duties), the DAF (Directorate of Finance and Administration), and now the Treasury, which has been gradually regaining its payment and collection services since Monday, May 18, cyberattacks targeting strategic Senegalese institutions are no longer isolated incidents. The repeated intrusions, striking at the heart of the state's fiscal, administrative, and financial data, are now fueling a more worrying question: Is Senegal becoming a prime target in cyberspace? Seneweb gathered expert opinions to understand this phenomenon.

In recent months, several sensitive platforms and structures have been disrupted or exposed to suspected data leaks. The latest attack targeting the Treasury, with reports of nearly 70 gigabytes of potentially compromised data, has reignited concerns about the government's ability to protect its digital infrastructure. According to the experts interviewed, this recurring pattern primarily reflects structural weaknesses in cybersecurity governance.

For Gérard Joseph Francisco Dacosta, a cybersecurity and digital sovereignty strategist, who reminds us that "100% security doesn't exist. Even major powers are attacked," a system's vulnerability isn't measured solely by its ability to prevent intrusion, but primarily by its capacity to quickly detect an attack, limit the damage, and restore services. "The real problem in Senegal is resilience. When a system fails, how do we get it back up and running? Do we know if an intruder is already in the system? Are we properly monitoring the infrastructure?" he asks.

The expert believes that Senegalese public administrations are lagging behind in continuous network monitoring, intrusion detection, and incident recovery plans. These shortcomings make institutions more vulnerable to increasingly sophisticated cybercriminals.

Criminal attacks or destabilization operations?

No official claim of responsibility has yet clearly identified the perpetrators of the attack against the French Treasury, although the institution stated in a press release published on Monday, May 18, that "the technical analyses carried out at this stage confirm that this incident resulted from malicious acts." Several theories are being considered. Gérard Dacosta believes two scenarios remain plausible. "Either certain groups are practicing before targeting more sensitive targets, or there is an attempt at destabilization," he suggests. The expert, however, urges caution regarding certain figures circulating about the volume of data allegedly stolen. According to him, some groups also exploit "psychological pressure" to increase the pressure on their victims and enhance their visibility.

For Gallo Fall, a US-based cybersecurity expert, recent attacks bear the hallmarks of criminal groups specializing in ransomware. "These attacks are often motivated by financial interests," he explains, citing examples of systems being blocked for ransom or data being resold on the dark web. In this regard, he considers the possibility of a massive data leak from the Treasury particularly worrying. According to him, 70 gigabytes could represent "millions of documents" containing budget information, public contracts, bank details, or even salary payments.

“Once disseminated on the dark web, this data can be exploited for years by fraudsters or criminal networks,” he warns. The expert emphasizes that the consequences extend far beyond the administrative sphere. Compromised data can be used for identity theft, targeted phishing campaigns, or even the creation of fake administrative documents. Therefore, the critical infrastructure protection expert also calls on authorities to communicate more effectively after this type of incident. “After a cyberattack, citizens must be informed, explained, and told what measures are being taken,” he asserts.

Digitalization is outpacing security.

For both experts, the increase in attacks is also a direct consequence of the accelerated digital transformation of the state. Online payments, tax platforms, digitized public procurement, and paperless administrative services are all advances that mechanically increase the attack surface. "The more you digitize, the more vulnerable you become," summarizes Gérard Dacosta. According to him, every additional connection, every device or network used by public employees represents a potential entry point for attackers.

Gallo Fall speaks of a "paradox of digitalization." "The faster you digitize without securing it, the more sovereignty you lose," he says. "Every new, poorly secured digital system becomes an extension of the attack surface for adversaries." He criticizes the use of outdated systems, insufficiently secure access protocols, and a lack of strategic foresight in public digital projects. "A great deal of strategy is needed in terms of monitoring, detection, access control, political governance, employee training and awareness, and also background checks on service providers. Because we cannot depend, for example, on foreign providers," he argues.

The sensitive issue of foreign service providers

Beyond the technical shortcomings, several questions also arise regarding Senegal's dependence on foreign technologies and service providers.

Gallo Fall believes the country must strengthen its control over critical infrastructure and the encryption keys used to protect sensitive data. He cites the DAF precedent where, according to him, some security keys were controlled by an external provider. "Foreign technologies can be used, but they must be mastered, and strategic control must be maintained," he insists.

Gérard Dacosta shares this position, believing that digital sovereignty does not mean rejecting international technologies, but rather enabling Senegalese engineers to understand, manage and secure these tools without systematically relying on foreign experts.

The risk of a loss of trust

Experts believe that the consequences of repeated attacks could become economic and political. A digital administration perceived as vulnerable risks undermining citizens' trust in public platforms, as well as that of international partners. "If the systems that produce financial or budgetary data are compromised, it raises a credibility issue," warns Gallo Fall.

Gérard Dacosta, for his part, fears a scenario of widespread paralysis comparable to that experienced by Estonia in 2007 after a series of massive cyberattacks. "We could wake up one day to find public platforms blocked, services disrupted, and a country digitally paralyzed," he warns. They are therefore calling for cybersecurity to be made a national strategic priority, on par with defense or territorial security.

Train, retain and mobilize local talent

Faced with the rise of cyber threats, experts are finally calling for massive investment in local skills. Both agree that Senegal already has qualified professionals, but struggles to retain them or offer them an attractive working environment. "Many engineers have left for other countries due to insufficient conditions," laments Gérard Dacosta, who calls for the creation of a stable and rewarding environment for digital specialists.

Gallo Fall also emphasizes the need to involve the Senegalese diaspora more in national cybersecurity strategies. “There are Senegalese experts all over the world who can help the country,” he states. They believe that Senegal will not be able to sustainably protect its digital infrastructure without building a genuine national cybersecurity doctrine, based on prevention, technological sovereignty, and the development of strong local expertise.