Kenya has once again emerged as East Africa’s most targeted nation for Distributed Denial of Service – DDoS attacks, recording 46,786 incidents in the first half of 2025, according to NETSCOUT Systems’ latest global threat intelligence report. The country ranks third continent-wide, trailing South Africa and Morocco.
The report shows that cyber attackers continue to adapt to regional dynamics, expanding their focus from traditional telecommunications networks to new digital frontiers. “As the digital landscape evolves, so too do the top targeted sectors,” says Bryan Hamman, NETSCOUT’s regional director for Africa. “Threat actors are testing the resilience of both emerging and established industries.”
Kenya leads East Africa in DDoS attacks
In Kenya, wired and wireless telecommunications firms remain prime targets, with more than 36,000 attacks combined. Yet the inclusion of non-traditional sectors such as clothing retailers, hotels, and even investment advisory services signals a broadening of threat surfaces as more industries digitize their operations. Experts note that this diversification points to attackers’ growing understanding of local economies and their weak points.
The most complex single assault in Kenya employed 23 attack vectors, peaking at 78.3 Gbps. By contrast, Uganda and Tanzania saw declines in attack volumes 881 and 326 incidents respectively though analysts caution that fewer events do not necessarily mean reduced risk. “No sector can assume it flies under the radar,” Hamman warns.
Seychelles, Madagascar, South Sudan: A Mixed Bag
Djibouti, strategically located on the Gulf of Aden and host to ten submarine cables, recorded a 10 percent rise in attacks [3,172], underscoring the geopolitical importance of digital infrastructure. Island states Seychelles and Madagascar also reported rising activity, particularly against computing and hosting services, while South Sudan faced over 1,400 brief but probing offensives.
Analysts interpret the report as a reflection of two converging realities: East Africa’s rapid digital expansion and the maturing sophistication of global cyber actors. Telecommunications, hosting, and financial services pillars of national connectivity remain the region’s digital fault lines.
While NETSCOUT underscores the need for proactive defense and real-time visibility, the broader takeaway for policymakers and enterprises is clear: resilience must evolve as fast as connectivity itself.
