NETSCOUT SYSTEMS, INC. has released its latest Threat Intelligence Report for the second half of 2024, revealing a rise in cyber threats across East Africa, especially through Distributed Denial of Service (DDoS) attacks. The region, which includes Kenya, Uganda, Tanzania, Seychelles, Djibouti, Ethiopia, and Rwanda, accounted for part of the 3.78 million DDoS attacks recorded across Europe, the Middle East, and Africa (EMEA) during this period.
Globally, DDoS attacks rose 12.75% to over 8.9 million incidents. In East Africa, attackers are using more sophisticated, multi-vector methods and are increasingly targeting critical sectors like telecom, banking, finance, and retail.
Kenya
Kenya faced the most attacks in East Africa, with 34,687 incidents, though this was a decrease from the 57,319 attacks in the first half of the year. Targets included telecoms, finance, retail, and IT services. The most complex attack used 21 different methods, with the largest peaking at 144.75 Gbps. Common techniques included TCP ACK, SYN/ACK amplification, and TCP RST.
Uganda
Uganda saw a massive surge in attacks—6,145 compared to 1,564 in early 2024. The telecom sector was hardest hit, followed by computing infrastructure. The largest attack peaked at 79.52 Gbps, using TCP SYN/ACK, DNS Amplification, and ICMP attacks.
Djibouti
Djibouti reported 2,860 attacks, with the longest-lasting assaults in the region—averaging 271 minutes. Top methods included DNS Amplification, TCP RST, and TCP SYN/ACK.
Other Countries
- Tanzania had 531 attacks, up from 352. Targets included hotels and car dealerships, with some attacks using up to 12 vectors.
- Seychelles reported 386 incidents, mostly affecting web hosting, telecom, and software firms. One attack hit 53.58 Gbps.
- Rwanda saw 248 attacks, doubling the previous period. Common vectors included TCP RST, MS SQL RS Amplification, and DNS Amplification.
- Ethiopia experienced 107 attacks, mainly on wireless telecoms, consistent with the first half.
Key Takeaway
NETSCOUT warns that cybercriminals are becoming more aggressive and advanced, with no sector or country immune. The report urges constant vigilance and strong cybersecurity strategies, emphasizing the need for real-time monitoring and smart threat responses to protect infrastructure.