Monday, September 02, 2024

 

Apple’s decision in Russia is rotten to the core — restore VPNs on App Store now

Apple must not turn its back on the people or civil society of Russia. Access Now and over 40 Russian and international civil society organizations and experts are demanding Apple stop helping Russia’s authoritarian regime suppress freedom of speech and restore all blocked Virtual Private Network (VPN) services on its app store in the country.

On July 4, 2024, Apple removed multiple popular VPN apps from its app store in Russia on the demand of Roskomnadzor, the country’s censorship agency, to the international community’s alarm.

From civil society to journalists, VPNs are the lifeline for anyone raising a voice for human rights in Russia — without VPNs, there’s no open internet in the country. By toeing the line set by Roskomnadzor, Apple is condemning the people in Russia to unbounded state surveillance and digital dictatorship. Apple is essentially shutting Russia from the global democratic internet with its VPN block.Anastasiya Zhyrmont, Eastern Europe and Central Asia Policy Manager at Access Now

Apple’s decision to comply with Russian authorities runs counter to its own policies and international human rights standards. Further, Apple’s ill-considered decision has put at risk resilient VPN services that have been fighting for an open, safe internet despite continuous attempts by the Russian authorities to block their work. It has also put at peril the work of journalists, researchers, academics, and human rights defenders.

People in Russia already suffer from an unfree internet, aggravated by wartime censorship imposed since the Russian invasion in Ukraine. The Russian government has also continued to press digital platforms to remove Russian civil society content from their platforms, while blocking access to independent media websites, social media platforms, and Russian and international human rights organizations.

By removing VPNs from its App store, Apple has chosen to undermine its policies which acknowledge the critical importance of an open society and freedom of information and expression. Apple must understand the consequences of its actions and make immediate amends, or it will be complicit in Russian authorities’ assault on civic space in the country.Sarkis Darbinyan at Roskomsvoboda

Big Tech must not cede digital space to authoritarian diktats and risk the lives and freedoms of people in Russia. Access Now calls on Apple to immediately restore all VPN service applications previously removed from its App Store in Russia and not to comply with requests and orders from the Russian authorities that violate international human rights standards. 

Open letter to Apple: Stop censoring Runet 

Dear Mr. Cook,

We, the undersigned members of civil society, call on Apple to take transparent and decisive action in response to Russian authorities’ requests and orders to remove Virtual Private Network (VPN) apps from its App Store in Russia.

To our knowledge, Apple removed popular VPN apps, including Red Shield VPN, Le VPN, HideMyName, PlanetVPN, AdGuard VPN, and others, from its App Store in Russia on July 4, 2024.

According to letters sent to VPN service providers by Apple’s app review team, this decision was made in response to the Russian censorship agency’s (Roskomnadzor) demands. However, Apple has failed to explain why it deviated from its own standards and policies, which recognize “the critical importance of an open society in which information flows freely” and state that “hand in hand with the privacy of our users is our commitment to freedom of information and expression.” Instead, the company is yielding to the demands of an authoritarian government eroding the free internet, and ignoring the rights to information and free expression of people using its services.

According to reports by Freedom House and Reporters Without Borders (RSF), Russia falls in the worst category on internet freedom indices and has an “unfree internet.” A joint study by Roskomsvoboda and OONI, following the first year of Russia’s war in Ukraine, also confirms that thousands of internet resources in Russia have been subject to wartime censorship. Since March 2022, authorities have blocked access to all independent media websites, social media platforms such as X, Instagram, Facebook, and YouTube, and Russian and international human rights organizations’ online web resources, including publications by Human Rights Watch, Amnesty International, RSF, Moscow Helsinki Group, and others.

To date, tools based on VPN technology are one of the most effective ways for people in Russia to stay online and access independent information, circumventing pervasive online censorship.

Living in a digital dictatorship, people in Russia rely on the App Store not only as an application store for their devices, but as the only window to free and independent information, accessible via VPN applications. These have been developed by independent media, VPN service developers, and civil society activists.

Furthermore, some of the VPNs removed from the App Store are known for keeping their services available for people in Russia, despite continuous attempts by the Russian authorities to block their work using Deep Packet Inspection (DPI). Unfortunately, Apple’s ill-considered decision to comply with Russian authorities’ demands negates the afore-mentioned actions taken by activists, developers, and journalists to safeguard the right to freedom of information and privacy.

By removing these VPN apps, Apple is making it easier for Russian censors to control information in the Russia’ online space  (Runet). 

Apple must immediately restore all these VPNs to the App Store in Russia, and must not comply with requests and orders from the Russian authorities that violate international human rights standards.

We are alarmed that the company is not sufficiently verifying whether such requests comply with Apple’s own policies and standards. By failing to do so, it is contributing to Russian censors’ attempts to silence human rights and anti-war voices, as well as thousands of independent journalists.

Roskomnadzor’s blocking requests, which are enabled by Russian information laws, contradict both Apple’s own principles, as well as international human rights standards. The European Court of Human Rights (ECtHR) has repeatedly found that Russian legal norms used to restrict access to information are overly vague and incompatible with the European Convention on Human Rights, as seen in the  Kablis v. RussiaOOO Flavus and Others v. RussiaBulgakov v. RussiaEngels v. Russia, and Vladimir Kharitonov v. Russia cases. While specifically assessing Russian authorities’ demands and subsequent actions, the Court concluded that the demands were arbitrary, noting that “suppressing information about the technologies for accessing information online on the grounds they may incidentally facilitate access to extremist material is no different from seeking to restrict access to printers and photocopiers because they can be used for reproducing such material,” and pointing out that “the blocking of information about such technologies interferes with access to all content which might be accessed using those technologies.”

The Court also noted that filter-bypassing technologies cannot be seen solely as tools used to malevolently seek out extremist content. Even though any information technology can be used to carry out activities incompatible with democratic principles, filter-bypassing technologies have many legitimate uses, such as enabling secure links to remote servers or channeling data through faster servers to reduce page-loading time. 

The UN Human Rights Committee has also expressed concern about reports that thousands of websites and resources,  as well as a number of social media platforms, have been blocked in Russia, and has called all laws that unreasonably restrict freedom of expression to be urgently repealed. Furthermore, the UN Guiding Principles on Business and Human Rights, which Apple has committed to upholding, require companies to avoid infringing on the human rights of others and to address any adverse human rights impacts resulting from their activities.

We ask you to take these important human rights issues into account when making decisions regarding your platforms.We acknowledge the challenges that Apple may face when requested to comply with laws used to censor and suppress free speech, which violate international and regional human rights standards. This issue has been raised with Apple previously, in the context of app removals in China. However, we are confident that Apple has sufficient tools to counter Russian authorities’ attempts at censorship and to protect people’s rights. Google is currently resisting demands from Roskomnadzor to remove VPN apps from the Google Play Store; Apple should follow its example.

We urge you to assess all blocking orders and requests in terms of their compliance with international human rights standards, and not to accommodate those that restrict access to protected expressions and services (applications), instead challenging their legality by all available means.

We ask you not to concede to the authoritarian Russian government’s efforts to suppress freedom of speech, and to instead restore all blocked VPN services on the App Store in Russia.

We thank you for your attention to this issue. We stand ready to cooperate with to find solutions that will best serve the people using your products and services.

Signatories

Organizations

  • Access Now
  • Amnezia VPN
  • BlancVPN
  • Board of the Civil Society Forum
  • Committee to Protect Journalists
  • Electronic Frontier Foundation
  • Eurasian Digital Foundation
  • GreatFire
  • HidemyName VPN
  • Human Constanta
  • Human Rights Watch
  • Le VPN
  • Majal
  • Mass Media Defence Centre
  • Mediazona (zona.media)
  • Net Freedom 
  • NA SVYAZI
  • OVD-info
  • Pervyi Otdel (First Department)
  • Proton
  • Red Shield VPN
  • Reporters Without Borders (RSF)
  • RKS Global
  • Roskomsvoboda
  • Teplitsa (te-st.org)
  • And three organizations that chose to stay anonymous

Individuals

  • Alexander Plushev, journalist, YouTube Channel “Breakfast show”
  • Dmitry Kolezev, journalist
  • Ekaterina Martynova, publisher of DOXA
  • Galina Arapova, media lawyer, founder Mass Media Defence Centre
  • Ivan Pavlov, founder of Team 29 and First Department
  • Katya Arenina, correspondent of Proekt
  • Ksenia Ermoshina, Senior researcher at the Citizen Lab and eQualit.ie
  • Maxim Katz, politician and youtuber
  • Oleg Grigorenko, Editor in Chief of 7×7 Horizontal Russia
  • Pavel Kanygin, CEO at Prodolzhenie Sleduet Media
  • Roman Dobrokhotov, chief editor The Insider
  • Ruslan Daiyrbekov, Eurasian Digital Foundation
  • Sarkis Darbinyan, cyberlawyer, founder of Roskomsvoboda
  • Sergey Lukashevskiy, Editor in Chief of Radio Sakharov
  • Taisiya Bekbulatova, Editor-in-Chief Holod
  • Zhanna Nemtsova, founder of Boris Nemtsov Foundation
The Double-Edged Sword in Cyber Warfare

Now technology evolves at a breakneck pace, artificial intelligence (AI) has emerged as a double-edged sword.



ByNoureen Akhtar
September 2, 2024
MODERN DIPLOMACY
photo: Unsplash


Now technology evolves at a breakneck pace, artificial intelligence (AI) has emerged as a double-edged sword. It is lamentable that, while AI has opened an astonishing panorama of possibilities across almost every sector, it has also found its way to the cybercriminal universe to fuel new, more professional, complex, and effective cyberattacks. Consequently, it is challenging to overstate the categorical threat of AI-based cyber threats rising within the companies all over the world, so the defense strategy has to be integrated and multilayered.

Ever since AI began penetrating the dark web and other criminal activities, the threats have shifted. These attacks, hitherto, involved human participation and operation of the attack tools, but, the utilization of the still budding AI technologies makes such attacks more automatic, more specific, and more flexible. While human-operated attacks rely on their ability to learn about the target and are hence depended upon their experience, AI-operated attacks can gather huge sets of data in a very short time in addition to which these systems can adjust their operating parameters as per the goal, which in this case is to launch a phishing attack, which also makes these systems smart enough to learn the results of previous attempts and incorporate them into their operating system.

The COVID-19 pandemic that began in early 2020 escalated a new level of remote workforce, which exposed the business to new risks from cyber criminals. AI backed cyber-attacks started to appear as the cyber-attack utilized machine learning and natural language processing to craft the message and its attacks. For example, the attack that began in 2020 is known as the “SolarWinds”[1] attack where the hackers used AI in developing a customized backdoor through which they would be able to get to sensitive information through the organization’s systems without being spotted. This was a big step up from previous types of hacks, which proved that AI can be used to improve the anonymity and capabilities of the adverse campaigns.

During 2021, relative to the previous year there was an increased usage of AI in creating malware and phishing schemes. The threat actors have started employing generative models to generate ‘tailor-made’ malware and phishing subjects which almost looked like the actual ones. For instance, considered to have been deployed in May 2021, the “DarkSide” [2] ransomware attack employed AI-generating emails to secure the installation of a ransomware. These developments pointed out to the fact that AI tools, four, had become very easily available to hackers since they could now automate the production of numerous elaborate as well as sophisticated, individualized attack techniques on a scale that had not been possible before.

In the year 2022, attacks that employ social engineering with the help of AI became more complex. Fraudsters have been using artificial intelligence synthetic deep fakes to disguise identities of people with whom the target engages in communication. For instance, in August 2022, an employee of a software company to be face a loss whereby they succumbed to a social engineering blackmail using an AI-generated deep fake audio of the particular employee.[3] To this, the present misdeed was a telling example of AI’s shifting capacity to influence and deceive people with old-fashioned security systems.

In 2023, more than half of cybersecurity respondents opined that generative AI would be more beneficial to cyber attackers as opposed to defenders in the next two years.[4] Their biggest worry was what AI could do for adversaries in terms of phishing, in the development of specific malware, and the spread of fake news. Hackers were already using big generative models for building unsavory chatbots and making it considerably simpler to write phishing emails and generate tailored malware. Such shifting views among security specialists signified the need for organizations to review and enhance their approaches to combating the more elaborate AI-based security threats.

Security leaders said in 2024 that automation of cybercrimes through artificial intelligence would be the order of the day in the next one year. According to Netacea’s research[5], 95% of security leaders felt that AI would be used to automate attacks and 93% felt that AI would be used to generate deep fakes to impersonate persons who are actually trustworthy. The escalation of the utilization of AI in ceasefire operations is anticipated to be more prevalent in the future where researchers believe that the AI control type of cyber-attacks will be the most prominent in the near future. This is as worrying for organizations because it underlines the importance of organizations to adopt a layered protection scheme to combat threats and exploitations which involve use of artificial intelligence, analyze user behavior, train users, prepare for incidences and share information.

The costs of cyber-incidents are not limited only to mere thousands of dollars, but can run into hundreds of thousands or millions of dollars. In a report by Cybersecurity Ventures, it was revealed that the Cybercrime costs globally were expected to hit $10. 5 trillion per annum in the year 2025 from $3 trillion in 2015.[6] Other costs relate to organizational image, legal ramifications, and disruption of business. Many sectors, including the medical and the financial fields, are especially vulnerable to penalties and acrimonious consumer backlash in case of a data leak. This just goes on to signify the need for investments in a good cybersecurity policy and practice.

AI-driven threats require use of AI in order to mitigate such threats in the enduring fight against such cyber ilk. AI based security solutions can process large amounts of data in a matter of seconds and can pin point the events and activities that requires immediate attention, these activities could be related to a possible threat. ML algorithms can refreshingly learn from new set of data in case there is evolution in threat patterns. Threat intelligence solutions based on artificial neural networks are often capable of detecting and neutralizing threats before they are productive. For instance, AI can capture patterns of the network that are out of the ordinary which could indicate a breach. Consequently, these systems, owing to their integration of advanced analytics and machine learning, are capable of providing much faster and much more accurate threat detection and response compared to conventional methods.

Besides detecting the evident danger, organizations need to supervise unidentified activities that imply an ongoing attack. Behavioral analysis entails the observation of users as well as system and the identification of anomalies. For instance, if for some reason an employee’s account began to access a significant amount of data from the organization’s protected network after hours, this could be considered suspicious. Computerized behavioral analysis tools that are based on AI can develop standard behavioral models for the users and systems of an organization. These tools work by monitoring and analyzing behavior day by day; it would be easy for these tools to identify a slight shift that may be as a result of an attacker. It enables organizations to prevent a threat from evolving into a critical one since it is dealt with before it gets to that point.

Saying that, human factor leakage is still considered one of the most critical aspects that expose a system to hacking. Nevertheless, the growing presence of AI in cybersecurity breaks does not remove the reliance on the human factor, mainly phish, and social engineering. Thus, there is a need to increase the awareness of users to dangers and measures that they should take to secure their accounts from cybercriminals. The awareness programs and training sessions often entail advising the employees on various risks and how they should handle them. For instance, workers should be made to understand what a phishing email is and fail to click on links from strangers, and always report such events. This means that through training and creating consciousness on cybersecurity, organizations are likely to minimize a cyber-attack.

However, while preventive strategies for combating cybercrimes have been implemented strongly organizations cannot rule out the occurrence of cybercrime all together. Thus, recognizing an incident response plan is very essential in ensuring an organization is prepared for the occurrence of an incident. This plan should show how the threat will be discovered and isolated, how the bad actors will be removed from the network, and how recovery of the compromised networks/systems will be achieved. AI has applications in the process of handling an incident by providing help in the detecting the incident, its type, and how to prevent the incident. For instance, AI technologies are capable of determining where an attack originated from, which system has been penetrated and begins the fixing process. When such tasks are executed manually, it is time consuming thus the organization is able to handle the incident in a minimal time thus reducing the impact of the attack.

Cyber security is always a team play and often the organizations need to take help of their counterparts in the other organizations, government and with the experts in the field to defend themselves against the new threats. Great threat intelligence can be delivered to communities and this way the organization will be in a position of being able to understand the dangers it is facing and come up with defensive measures which can be effective at that given time. Cooperation with industries and information-sharing programs like the Cyber Threat Alliance (CTA) or Information Sharing and Analysis Centers (ISACs) give good opportunities to cooperation. Through such processes, organizations can get information about novelties in threats and use the collective experiences of different members for the improvement of the existing cybersecurity systems.

AI, including machine learning, has been on the rise stage and the same applies to the use of artificial intelligence by cybercriminals helping in enhancing the development of better, automatic and believable cyber-attacks. Consequently, as AI based threats persist and new ones are developed, it becomes necessary for organizations to employ layered model of defense against the threats. With the help of artificial intelligent driven threat identification, behavioral monitoring, user awareness, response to security incidents, and cooperation, an organizational cyber defense can be created to meet the demands of the contemporary world. The war against AI based cyber-crimes persists, however this all-encompassing and preventive strategy would ensure the protection of organizational assets in the future.


[1] Harvard Business Review. “How SolarWinds Responded to the 2020 Sunburst Cyberattack.” Podcast audio, January 2024. https://hbr.org/podcast/2024/01/how-solarwinds-responded-to-the-2020-sunburst-cyberattack.

[2] Sangfor Technologies. “U.S. Colonial Oil Pipeline Hack: Shutdown Due to Ransomware Attack.” Last modified May 26, 2021. https://www.sangfor.com/blog/cybersecurity/us-colonial-oil-pipeline-hack-shutdown-due-ransomware-attack.

[3] Forbes Technology Council. “Deepfake Phishing: The Dangerous New Face of Cybercrime.” https://www.forbes.com/sites/forbestechcouncil/2024/01/23/deepfake-phishing-the-dangerous-new-face-of-cybercrime/.

[4] Sanjeev. “AI in Cybersecurity: Should We Be Excited?” Medium, April 18, 2023. https://sanjeev41924.medium.com/ai-in-cybersecurity-should-we-be-excited-d052d7fbc226. s

[5]Netacea. Cyber Security in the Age of Offensive AI. April 24, 2024. https://netacea.com/reports/cyber-security-in-the-age-of-offensive-ai/

[6] eSentire. “Cybersecurity Ventures Report on Cybercrime.” https://www.esentire.com/cybersecurity-fundamentals-defined/glossary/cybersecurity-ventures-report-on-cybercrime.


Noureen Akhtar
Noureen Akhtar
Noureen Akhtar is a Ph.D. Scholar (SPIR-QAU) and has worked on various public policy issues as a Policy Consultant in the National Security Division (NSD), Prime Minister Office (PMO). Currently, she works in Islamabad Policy Research Institution (IPRI) as a Policy/ Research Consultant and Editor at Stratheia. Her work has been published in local and International publications. She can be reached at akhtarnoureen26[at]gmail.com. She Tweets @NoureenAkhtar16

Africa faces disproportionate burden from climate change and adaptation costs

WMO Press Release
02 September 2024

Abidjan, Cote d’Ivoire (WMO) - Africa bears an increasingly heavy burden from climate change and disproportionately high costs for essential climate adaptation, according to a new report from the World Meteorological Organization (WMO).

Key messages
Temperature increases in Africa slightly above the global average
Multi-year droughts continued in northwest Africa in 2023
Extreme floods caused severe losses and damages
African countries face increasing climate change bill
Investment in early warnings will protect lives and economies





On average, African countries are losing 2–5 percent of Gross Domestic Product (GDP) and many are diverting up to 9 percent of their budgets responding to climate extremes. In sub-Saharan Africa, the cost of adaptation is estimated to be between US$ 30-50 billion annually over the next decade, or 2-3 percent of the region's Gross Domestic Product, says the WMO State of the Climate in Africa 2023 report.

By 2030, it is estimated that up to 118 million extremely poor people (living on less than US$ 1.90 per day) will be exposed to drought, floods and extreme heat in Africa, if adequate response measures are not put in place. This will place additional burdens on poverty alleviation efforts and significantly hamper growth, according to figures cited in the report.

African countries need to prioritize increased investment in National Meteorological and Hydrological Services and accelerate implementation of the Early Warnings For All initiative to save lives and livelihoods. This will help mitigate risks, build adaptive capacity, boost resilience at local, national, and regional levels and guide sustainable development strategies, says the report.

It focuses on climate change indicators and impacts in 2023 – the world’s hottest year on record to date. It supplements the WMO State of the Global Climate report and is one of a series of WMO regional reports which provide the observational basis to help drive action and support decision-making.

“Over the past 60 years, Africa has observed a warming trend that has become more rapid than the global average. In 2023, the continent experienced deadly heatwaves, heavy rains, floods, tropical cyclones, and prolonged droughts,” said WMO Secretary-General Celeste Saulo.

“While many countries in the Horn of Africa, southern and North-West Africa continued to suffer exceptional multi-year drought, other countries experienced extreme precipitation events in 2023 leading to flooding with significant casualties. These extreme events led to devastating impacts on communities, with serious economic implications,” said Celeste Saulo.

“This pattern of extreme weather has continued in 2024. Parts of southern Africa have been gripped by damaging drought. Exceptional seasonal rainfall has caused death and devastation in East African countries, most recently in Sudan and South Sudan. This exacerbates an already desperate humanitarian crisis,” she said.

WMO, the African Union Commission, United Nations Economic Commission for Africa and the African Ministerial Conference on Meteorology will release the report in collaboration with partners at the 12th Climate Change for Development in Africa (CCDA) Conference in Abidjan, Cote d’Ivoire on 2 September 2024.

“The State of Climate in Africa 2023 Report highlights the urgent need for investing in meteorological services and early warning systems to help adapt to climate change and build resilience in Africa. As the impacts of climate change continue to manifest globally, the African continent stands at a critical juncture,” said H.E. Ambassador Josefa Leonel Correia Sacko, Commissioner for Agriculture, Rural Development, Blue Economy and Sustainable Environment at the African Union Commission.

“Africa faces disproportionate burdens and risks arising from climate change related weather events and patterns, which cause massive humanitarian crises with detrimental impacts on agriculture, and food security, education, energy, infrastructure, peace, and security, public health, water resources, and overall socio-economic development,” she said.

Key messages

Temperatures: In Africa, 2023 was in the top three warmest years in the 124-year record, depending on the dataset used. The mean temperature was 0.61° C higher than the 1991-2020 average and 1.23° C above the 1961-1990 long-term baseline.

The African continent has been warming at a slightly faster rate than the global average, at about +0.3 °C per decade between 1991 and 2023. The warming has been most rapid in North Africa, around +0.4 °C per decade between 1991 and 2023, compared to +0.2 °C/decade between 1961 and 1990. Southern Africa experienced the lowest warming trend compared to the other sub-regions, around +0.2 °C/decade between 1991 and 2023.

The highest temperature anomalies in 2023 were recorded across northwestern Africa, especially in Morocco, coastal parts of Mauritania and northwest Algeria.

Several countries including Mali, Morocco, United Republic of Tanzania, and Uganda reported their warmest year on record. Extreme heatwaves in July and August affected northern Africa. Tunis, the capital of Tunisia reached a record of 49.0°C and Agadir, Morocco reached a new maximum temperature of 50.4°C.


Temperature difference in °C with respect to the 1991–2020 climatological period for Africa (WMO Regional Association I) from 1900 to 2023, based on six datasets, including observational datasets.
Source: Data are from the following six datasets: Berkeley Earth, ERA5, GISTEMP, HadCRUT5, JRA-55, NOAAGlobalTemp.


Precipitation


Regions with a marked rainfall deficit included the western part of North and Northwestern Africa, the Horn of Africa, portions of Southern Africa including Zambia, Zimbabwe, Botswana, and most of Namibia. In addition, Madagascar, central Sudan, northern Ethiopia and Uganda suffered from below-normal precipitation.

West Africa experienced a normal to early onset of its monsoon rainy season Precipitation was notably higher than normal in Angola and coastal areas north of the Gulf of Guinea.

Sea-level rise: The rate of sea-level rise around Africa was close to or slightly higher than the global mean rate of 3.4 mm per year. The largest rate of sea level rise was observed in the Red Sea, reaching 4.1 mm per year.
Extreme climate events

Floods: At least 4 700 confirmed deaths in Libya were attributed to flooding following the Mediterranean cyclone ‘Storm Daniel’ in September, with 8 000 still missing.

Parts of Kenya, Somalia and Ethiopia experienced widespread and severe flooding, with more than 350 deaths and 2.4 million displaced people during the April-June rainy season.

Record-breaking tropical Cyclone Freddy caused extensive flooding during the final landfall, both in Mozambique and Malawi, as extremely heavy rain fell (up to 672 mm during the storm in Mozambique). Malawi was especially hard hit with at least 679 deaths reported. A further 165 deaths were reported in Mozambique.

Severe flooding with associated landslides affected central Africa in early May on the border between Rwanda and the Democratic Republic of Congo, killing at least 574 people.

The White Nile in South Sudan reached record high levels in February. Basic needs such as food, clean water, and healthcare were difficult to access and there was a near total collapse of local livelihoods.

In September and October, approximately 300,000 people were affected by flooding across 10 countries, with Niger, Benin, Ghana and Nigeria most heavily impacted.

Drought: Parts of Morocco, Algeria, Tunisia, Nigeria, Cameroon, Ethiopia, Madagascar, Angola, Zambia, Zimbabwe and Democratic Republic of Congo experienced severe drought in 2023. Zambia faced its worst drought in the last 40 years, affecting eight out of ten provinces and approximately six million people.


Precipitation anomalies in mm for 2023 (left): Blue areas indicate above-average precipitation, and brown areas indicate below-average precipitation. The reference period is 1991–2020. Precipitation quantiles for 2023 (right): Green areas indicate unusually high precipitation totals (light green indicates the highest 20%, and dark green indicates the highest 10% of the observed totals). Brown areas indicate abnormally low precipitation totals (light brown indicates the lowest 20%, and dark brown indicates the lowest 10% of the observed totals). The reference period is 1991–2020.
Source: Global Precipitation Climatology Centre (GPCC), Deutscher Wetterdienst (DWD), Germany


Climate-related impacts to agriculture and food security

Climate extremes including floods and droughts had a major impact on food security.

North Africa’s cereal production in 2023 was about 10 percent below the five‑year average estimated at 33 million tons in 2023, similar to the previous year’s already drought‑stricken harvest. Tunisia was worst hit.

Erratic rainfall and the general situation of insecurity kept cereal production at below-average levels in northern parts of the subregion, including Sudan, South Sudan, the Karamoja region in Uganda, Eritrea, Ethiopia, and central and western Kenya. In Sudan, seasonal rains were below average and temporally erratic, with prolonged dry spells. The production of sorghum and millet was forecast to decrease by about 25% and 50%, respectively, compared to 2022.


Investment in adaptation and resilience


Climate-resilient development in Africa requires investments in hydrometeorological infrastructure and early warning systems to prepare for escalating high-impact hazardous events. Investments in National Meteorological and Hydrological Services (NMHSs) in Africa are needed to enhance data collection and improve forecasting capabilities in order to strengthen the ability of these institutions to issue early warnings and advisories for extreme events. There is a particular need to invest in cutting-edge technologies and systems to enhance the accuracy and lead time of weather, climate, and hydrological forecasts.


Hazards of greatest concern for the African region. This graph was generated by WMO using the NDCs of 53 countries in Africa based on the active NDCs submitted as of June 2024.

In sub-Saharan Africa, adaptation costs are estimated at US$ 30–50 billion (2–3% of regional gross domestic product (GDP)) each year over the next decade.
Early Warnings for All

An ambitious Early Warnings for All Action Plan for Africa was launched in September 2023. The primary objective is to make sure that timely and accurate information about natural hazards and impending disasters reaches all segments of African society, particularly the most vulnerable. This answers the call of United Nations Secretary-General António Guterres that every person worldwide must be protected by early warning systems by 2027. A number of African countries have been identified for priority action in the global initiative.

Between 1970 and 2021, Africa accounted for 35% of weather, climate, and water-related fatalities. Yet only 40% of the African population has access to early warning systems – the lowest rate of any region of the world. This new Early Warnings for All Action Plan for Africa seeks to change that.