West Africa’s distributed denial of service (DDoS) threat landscape was led by Nigeria and Mali, as revealed in NETSCOUT’s recently released Threat Intelligence Report for July to December 2024, which delves into trends and methodologies used in attacks globally.
Nigeria was exposed to 1,716 strikes, a significant drop from the 2,721 incidents seen in the first half of 2024. In contrast, Mali experienced a more than ten-fold increase in 2H 2024 up from just 115 seen previously between January and June 2024 to 1,637 in the second half of the year.
“Web search portals and all other information services bore the brunt of attacks in Mali, with an astounding average duration of 1,197 minutes per incident,” says regional director for Africa at NETSCOUT, Bryan Hamman.
“This was followed by wired telecommunications carriers, which was also the most targeted industry at a global level during the same period, with more than 2.1 million incidents.”
“In Nigeria, the most frequently targeted sectors included telecommunications resellers and computing infrastructure providers. Beauty salons also featured on the country’s top ten list, alongside wired telecommunications carriers, then commercial banking, used merchandise retailers, tire dealers, and household electronics wholesalers,” states Hamman.
“This shows once again how threat actors adapt their strategies accordingly within different countries to target those industries that are strong in individual sovereign territories.”
Once again, Nigeria experienced some of the region’s most complex DDoS campaigns, peaking at 22 distinct vendors used in a single attack, primarily TCP, Domain Name System (DNS) amplification, and Internet Control Message Protocol (ICMP) flood DDoS attacks, also known as Ping flood attacks.
Surge in DDoS attacks across West Africa
Liberia emerged as the next most affected country, recording 1,189 DDoS attacks, down slightly from 1,515 incidents in the first half of the year.
Here, computer systems design services businesses were heavily targeted, suffering 360 attacks over the six-month period. The most frequently used attack vector was DNS amplification, with STUN amplification not far behind.
“In Ghana, DDoS activity dropped significantly in the second half of the year, falling to only 917 attacks versus 4,753 earlier in the year. Three of the top four types of businesses under fire this time were ICT-related, namely web search portals and information services (317), wired telecommunications carriers (43), and computing infrastructure providers (4).
Interestingly, footwear manufacturers ranked third, with 14 attacks over the second half of 2024.”
The Democratic Republic of the Congo made its debut in NETSCOUT’s regional rankings, landing in fifth place with 879 reported attacks, comments Hamman.
“While the most significant attack peaked at a modest 0.74 Gbps, the complexity was notable—with up to 15 vectors used in a single attack. Computing infrastructure providers were primarily affected, but a single incident aimed at a satellite telecommunications organization lasted for a gruelling 689 minutes.”
“By the same token, Cameroon may not have been the most targeted country, with 811 incidents, nor experienced the most sophisticated attacks, but statistics gathered show that the maximum bandwidth of its largest DDoS attack measured 200.43 Gbps—surpassing even Nigeria’s 148.77 Gbps.”
Meanwhile, Côte d’Ivoire, Guinea, and the Republic of the Congo all experienced lower attack frequencies, at 495, 341 and 329 incidents, respectively.
Of the three countries, Côte d’Ivoire faced the largest attack, at a bandwidth of 8.66 Gbps, with the primary target being—once again—wired telecommunications carriers.
Following the ICT trend, Guinea’s wireless telecommunications carriers faced the most pressure, while in the Republic of the Congo, telecommunications resellers were hardest hit.
“This latest data from NETSCOUT reinforces a critical truth for West Africa: DDoS attacks aren’t just increasing in frequency but also in intensity and sophistication,” adds Hamman.
“While nations like Nigeria and Mali face a high volume of incidents, others are experiencing powerful, high-bandwidth attacks that can cripple essential services.
Read also: Communications sector remains highly targeted by DDoS Attacks across North Africa – NETSCOUT
“As noted previously, the ICT sector remains firmly in the crosshairs across the continent in its entirety, making it vital for organizations across the region to prioritize proactive defense strategies, invest in continuous risk assessments, and engage in broader cybersecurity collaboration to stay ahead of evolving threats,” concludes Hamman.
Check out the full report here.
