Cyber Incident Victim: Malawi Police
Date:
Apr 2022
Location:
Malawi
Summary
Malawi Police faced accusations of hacking an investigative journalism outlet's website following the detention of its managing director and confiscation of his devices, with a media advocacy group alleging state involvement due to the timing and circumstances. The targeted website experienced prolonged downtime, raising concerns over privacy violations and suppression of press freedom under national cybersecurity laws. Police denied involvement, citing lack of evidence, and called for collaborative investigations to identify perpetrators while defending their authority to conduct lawful interrogations. The incident amplified existing tensions between law enforcement and media entities regarding constitutional protections for journalists' work.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On April 5, 2022, Malawi Police detained Gregory Gondwe, Managing Director of the Platform for Investigative Journalism (PIJ), and confiscated his computer and phone overnight. Nine days later, on April 14, 2022, PIJ's website (investigativeplatform-mw.org) was hacked, rendering it inaccessible for many hours through at least April 15. PIJ technicians worked to restore service, though full recovery remained ongoing at the time of reporting. Media Institute of Southern Africa (MISA) Malawi immediately linked the cyberattack to Gondwe's detention, stating the timing and circumstances implicated state agents. MISA Chairperson Teresa Ndanga explicitly cited Malawi Police as prime suspects, noting their custody of Gondwe's devices violated Section 21 of Malawi's Constitution on privacy rights. The hacking incident triggered operational disruption for PIJ's journalism platform and heightened concerns about state-sponsored suppression of media freedom under Malawi's Electronic Transactions and Cyber Security Act of 2016, which criminalizes unauthorized system access with penalties including seven-year imprisonment.
MISA Malawi issued a formal statement on April 15, 2022, condemning the attack as intentional intimidation undermining press freedom and public access to information. The organization demanded prosecution of those responsible for both Gondwe's detention and the website breach while urging journalists to resist intimidation. Malawi Police Service denied involvement through Deputy Spokesperson Harry Namwaza on April 16, rejecting MISA's claims as unsubstantiated and emphasizing their lawful authority to investigate suspects. Namwaza invited independent cybersecurity experts to assist in identifying the hackers but did not address the seizure of Gondwe's equipment. The incident drew attention to deteriorating press freedom conditions in Malawi, with MISA warning that such actions damaged the country's democratic reputation internationally. Technical details about the attack vector, data compromise, or full restoration timeline remained undisclosed in available reports.