Ghana, Guinea, Nigeria popular targets of DDoS attacks
Ghana led the West African region in terms of the frequency and diversity of cyber threats in the first half of 2024, with a significant level of distributed denial of service (DDoS) assaults targeting businesses such as computer services and telecommunications.
According to NETSCOUT's first half 2024 DDoS Threat Intelligence Report, the country was subjected to 4,753 attacks over the course of six months, with 2,759 targeting computer-related services businesses.
Wireless telecom carriers (excluding satellite) got the second highest number of attacks (110), with full-service restaurants being another vertical business targeted.
Furthermore, Ghana had by far the highest volume attack in West Africa, with the maximum bandwidth of its largest DDoS attack totalling 314.25 Mbps, according to the cyber security company.
Guinea ranked second in West Africa's NETSCOUT data analysis for attack frequency, with 2,918 incidents reported. Wireless telecommunications carriers faced the brunt of these attacks, which were mostly Transmission Control Protocol (TCP)-based.
Nigeria, a significant digital hub in Africa, had the third greatest number of cyber-attacks in West Africa, totalling 2,721 in the first half of 2024.
Attacks on computer-related services were common, as seen in Ghana with 867 incidents, local beauty salons ranked second in Nigeria with 206 incidents, followed by data processing hosting companies with 116.
“The growing complexity of DDoS threats seen worldwide, including a notable increase in both attack frequency and sophistication, is clearly reflected in Nigeria,” states Bryan Hamman, regional director for Africa at NETSCOUT.
“The country experienced more complex attacks than others within the region, with 23 different attacks vendors seen in one single attack, from TCP and Connection-less Lightweight Directory Access Protocol attacks to Domain Name System amplification and many more.”
NETSCOUT says Côte d'Ivoire and Liberia both faced similar attack frequencies, with 1,598 and 1,515 incidents noted respectively.
The two countries, according to NETSCOUT, also experienced similarities in the types of attacks vectors used - mostly TCP-related - as well as the sector that was hardest hit, which was wireless telecommunications for both.
Again, wireless telecommunications carriers were identified as the prime targets for threat actors in Benin (196 incidents), Senegal (107), Mali (32) and Cameroon (16).
“This is in line with NETSCOUT’s global Threat Intelligence Report figures, which measured attacks on the sector at 834,471 for the first part of 2024, a substantial 34% increase on the figures seen for second half 2023, which was calculated at 622,295,” Hamman explains.
“We believe this point to an objective by cyber criminals to disrupt critical communication infrastructure.”
Cameroon fell more within the middle of the pack in terms of attack frequency, at 544, its largest DDoS attack reached 118.05 Gbps in bandwidth, much higher than the statistics seen for Senegal (27.31 Gbps) for instance, Guinea (12.35 Gbps) or Mali (0.81 Gbps).
Hamman says: “In some cases, as seen by Cameroon and Ghana as well as Nigeria (134.86 Gbps), attack volumes can reach more than 100 Gbps, requiring upstream providers to mitigate the attack.
“Although many smaller attacks, such as those around 1Gbps, often bypass detection and mitigation by upstream providers due to being below configured thresholds, they can still have a severe impact on enterprises.”