DDoS Attacks Increase as Africa's Digital Footprint Grows

Initiatives for digital transformation and increased Internet use are exposing African firms to an expanding array of cyberthreats. One indication of the trend is the consistent rise of distributed denial-of-service (DDoS) assaults against companies in a few North African nations, which also have the highest rates of Internet access in the region.

Increased DDoS Activity

DDoS attacks across the Middle East and Africa increased by 30% in comparison to the previous quarter, according to a recent Netscout review of threat activity data from the first half of 2024. The nations of Algeria, Morocco, Tunisia, and Egypt had the most increases in DDoS attacks. Morocco recorded 61,000 DDoS attacks in the first half of 2024, the most in the area at that time. Morocco has a 90% Internet penetration rate. 16,461 of the assaults were focused to wireless telecom manufacturers in the area, over 6,000 were directed at wired telecom companies, and the other attacks impacted organizations in a variety of industry sectors.

Wired telecom carriers were the most commonly targeted entities, followed by wireless carriers and educational institutions. In the first half of the year, organizations in Egypt, another country in the region with a high Internet penetration rate, collectively faced approximately 45,108 DDoS attacks. Netscout discovered that Egypt had some of the most frequent bandwidth attacks at the time, with the largest one clocking in at a hefty 332.96 Gbit/s.

The victimology was similar in Tunisia, where wired or wireless telecom providers accounted for the majority of the 4,511 DDoS attacks that occurred during the first six months. But compared to firms in other nations, Netscout discovered that threat actors were launching more DDoS attacks on Tunisian organizations. Apple Remote Management Service, Constrained Application Protocol (COAP), Connection-less Lightweight Directory Access Protocol (CLDAP), and Domain Name System (DNS) amplification techniques were among the startling 27 vectors used in the largest attack type.

Cyberactivity is Driven by "Online-Ness" and Geopolitical Tensions

"These attacks can be attributed in part to businesses in countries such as Morocco, Tunisia, Egypt, Libya, and Algeria increasing their online presence over the past year," according to Richard Hummel, director of threat intelligence at Netscout. "While digital transformation is generally a cause for celebration, unfortunately, it also means that more devices and services can be disrupted by attacks."

According to Hummel, the rise in DDoS activity across the Middle East and Africa is due to more than just a wider attack surface. "Geopolitical tensions in these regions are also fueling a surge in hacktivist activity as real-world political disputes spill over into the digital world," he claims. "Unfortunately, hacktivists often target critical infrastructure like government services, utilities, and banks to cause maximum disruption." Furthermore, as enterprises in Africa expand their digital footprint, they are facing new dangers that are not limited to DDoS attacks.

Risks of Cybercrime and Cyber-Espionage Are Growing

In a recent report, the Africa Center for Strategic Studies evaluated that the region's growing adoption of communications, IT, and related technologies is quickly expanding and altering threats against organizations and raising national security challenges in the process. The center, which is a US Department of Defense institution, expects that over the next few years organizations in Africa will have to contend with a many of the same cyber threats that entities in other regions of the world have had to contend with for years.

They include cyber espionage. "Cyberspace has fundamentally changed the methods and means through which states gather information on one another and their citizens," the research from the Africa Center stated. "Though the most significant cyberespionage concerns in Africa have centered around China, espionage and surveillance capabilities are rapidly diffusing across the continent."

Concerns about organized crime's financial motivations and attacks on vital infrastructure are also imminent. According to the center's assessment, disruptive cyberattacks might affect networks in the military, banking, telecom, and government sectors in Africa. The relatively high likelihood of cyber incidents brought on by carelessness and accidents only serves to heighten the worry.

According to the Center, organized criminal gangs, which are a problem for organizations in the US, Europe, and other regions of the world, are becoming a bigger threat to organizations in Africa.  "Growing internet penetration rates in Africa has both led to new kinds of cyber-dependent criminal activities, such as business email compromise or romance scams, as well transformed the financing and market dynamics of more traditional organized crime networks." Attacks on supply chains are another significant and growing issue, particularly considering how heavily African businesses depend on international suppliers.

Organizations in Africa will face increasing pressure to put defenses against emerging cyberthreats in place even as they start their digital transformation path, according to Agnidipta Sarkar, vice president and CISO advisory at ColorToken. "The ability to continue business operations, despite cyberattacks, will encourage investments in the region," according to him. "Effectively reporting breaches will emerge as a highly sought-after capability for CISOs, especially [for] those who can."