A recent Threat Intelligence Report from NETSCOUT for the first half of 2024 reveals that Ghana, Guinea, and Nigeria are the primary targets of DDoS attacks in West Africa.

Ghana has maintained its position as the leading country in the West African region with respect to the prevalence and variety of cyber threats encountered during the first half of 2024. Notably, Ghana has experienced a significant number of distributed denial of service (DDoS) attacks targeting various industries, including computer services and telecommunications.

In fact, according to NETSCOUT’s 1H2024 DDoS Threat Intelligence Report (TIR), the country was subjected to a total of 4,753 attacks over the six months, of which 2,759 were aimed at computer-related services businesses. Wireless telecommunications carriers (except satellite) received the second highest number of attacks, at 110, with full-service restaurants also noted as another vertical industry under fire. Furthermore, Ghana experienced by far the highest volume attack in West Africa, with the maximum bandwidth of its largest DDoS attack measuring 314.25 Mbps.

Known for an economic resilience that is driven by agriculture and mining, Guinea surprisingly took second spot in the NETSCOUT results for West Africa in terms of attack frequency, with 2,918 incidents listed. Wireless telecommunications carriers bore the brunt of these strikes, which were mostly TCP-type attacks.

Nigeria, a major digital hub in Africa, experienced the third highest volume of cyberattacks in West Africa, coming in at 2,721 for the first half of 2024. Attacks on the computer-related services field were prevalent, as in Ghana, with 867 incidents, but local beauty salons were second on the list for Nigeria, enduring 206 incidents, followed by data processing hosting companies at 116.

Bryan Hamman, Regional Director for Africa at NETSCOUT
“The growing complexity of DDoS threats seen worldwide, including a notable increase in both attack frequency and sophistication, is clearly reflected in Nigeria,” states Bryan Hamman, regional director for Africa at NETSCOUT. “The country experienced more complex attacks than others within the region, with 23 different attacks vendors seen in one single attack, from TCP and CLDAP (Connection-less Lightweight Directory Access Protocol) attacks to Domain Name System (DNS) amplification and many more.”

Côte d'Ivoire and Liberia both faced similar attack frequencies, with 1,598 and 1,515 incidents noted respectively. The two countries also experienced similarities in the types of attacks vectors used - mostly TCP-related - as well as the sector that was hardest hit, which was wireless telecommunications for both.

Again, wireless telecommunications carriers were identified as the prime targets for threat actors in Benin (196 incidents), Senegal (107), Mali (32) and Cameroon (16). “This is in line with NETSCOUT’s global Threat Intelligence Report figures, which measured attacks on the sector at 834,471 for the first part of 2024, a substantial 34% increase on the figures seen for 2H 2023, which was calculated at 622,295,” Hamman explains. “We believe this points to an objective by cybercriminals to disrupt critical communication infrastructure.”

Interestingly, although Cameroon fell more within the middle of the pack in terms of attack frequency, at 544, its largest DDoS attack reached 118.05 Gbps in bandwidth, much higher than the statistics seen for Senegal (27.31 Gbps) for instance, Guinea (12.35 Gbps) or Mali (0.81 Gbps).

Says Hamman: “In some cases, as seen by Cameroon and Ghana as well as Nigeria (134.86 Gbps), attack volumes can reach more than 100 Gbps, requiring upstream providers to mitigate the attack. Although many smaller attacks, such as those around 1Gbps, often bypass detection and mitigation by upstream providers due to being below configured thresholds, they can still have a severe impact on enterprises.”

“Statistics from NETSCOUT’s latest report show that generally, countries within West Africa have not been as heavily targeted as the likes of Morocco in the north of the continent, or South Africa in the SADC region. The latter, in fact, falls within the top five most targeted countries within the entire Europe, Middle East and Africa (EMEA) region,” explains Hamman. “This being said, we are certainly seeing variabilities in attack types and targets across West Africa, reinforcing the need for country-specific cyber defences and resilient strategies to protect these growing digital economies.

“While the West African threat landscape cybersecurity challenges may align in many areas with worldwide trends, the nuances in each country’s threat landscape highlight the importance of localised security strategies to protect both critical and emerging digital infrastructures.”

“NETSCOUT’s Threat Intelligence Report provides essential insights to help West African organisations bolster their cybersecurity defences. By leveraging these findings, businesses across the region can effectively mitigate these evolving threats and secure their digital ecosystems,” he concludes.

Visit our interactive website for more information on NETSCOUT's DDoS Threat Intelligence Report. For real-time DDoS attack stats, map, and insights, visit NETSCOUT Cyber Threat Horizon.

NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) protects the connected world from cyberattacks and performance and availability disruptions through its unique visibility platform and solutions powered by its pioneering deep packet inspection at scale technology. NETSCOUT serves the world’s largest enterprises, service providers, and public sector organizations. Learn more at www.netscout.com or follow @NETSCOUT on LinkedInX, or Facebook.