
Security

ASM strategies to protect digital assets

Attack surface management (ASM) has seen significant growth in recent years, evolving into a recognised market category that provides businesses with the visibility and strategies needed to safeguard their digital assets, reports Kyle Pillay, security as a service manager at Datacentrix

As Forrester’s Attack Surface Management Solutions Landscape, Q2 2024 notes, ASM “delivers insights on assets that ultimately support business objectives, keep the lights on, generate revenue, and delight customers.”

At its essence, ASM involves continuously discovering, identifying, inventorying, and assessing the exposures of an organisation’s IT asset estate, a foundational step in maintaining a strong security posture.

Knowing your environment

Fundamentally, ASM helps organisations ‘know your environment’, highlighting gaps in defenses before attackers can exploit them.

Every threat actor or hacker begins with reconnaissance, mapping out your external-facing assets. This is why External Attack Surface Management (EASM) exists: it concentrates on what attackers can see. Unless they view their environment through this external lens, organisations cannot know which access points are visible or exploitable, which leaves them unable to proactively detect or prevent threats before incidents occur.

First steps in protecting your attack surface

The first step in ASM is identifying external-facing touchpoints such as public IPs and domains. For instance, you might recognise your primary domain (e.g., mydomain.co.za), but visibility into similar domains, like mydomain.com, mydomain.net, mydomain.tech, or mydomain.ac.za, is also crucial. These can be targeted for domain squatting or cybersquatting, where attackers exploit similar names to mislead users and enable phishing attacks.

A strong ASM solution not only maps your current footprint but also identifies domains worth securing before malicious actors register them.

If a deceptive domain is registered, like mydomain-tech.co.za, you need an effective takedown process. International domain takedowns can be complex, requiring a partner capable of legally liaising with registrars across jurisdictions. With the right procedures and partnerships, such domains can often be removed within four to eight hours, limiting potential damage.

Keeping pace with today’s infrastructure

One of ASM’s biggest challenges is keeping up with the rapid growth and sprawl of modern IT environments. While multiple tools exist, none fully match the speed of change, even as vendors iterate frequently, often in weekly development sprints, to maintain relevant detection capabilities.

Beyond speed, perspective matters. While an organisation may have visibility from one viewpoint, attackers do not limit themselves to a single angle. To defend effectively against modern threats, you need to view your environment as attackers do and understand vulnerabilities exploitable from within. This is where distinguishing between external and internal ASM becomes crucial.

External ASM (EASM) focuses on publicly exposed digital assets, whereas internal ASM addresses vulnerabilities inside the network. Internal ASM uses network exposure activity tools to simulate real-world attack techniques, often following frameworks like MITRE ATT&CK, to identify weaknesses from the inside. These simulations test whether known attack methods bypass security controls, whether sensitive data can be exfiltrated, whether passwords are weak or compromised, and whether lateral movement within the network is possible.

Combining internal and external ASM provides a more accurate view of your security posture, allowing organisations to close gaps before exploitation.

Making the business case for ASM

Cost is often a concern with ASM investments, but when weighed against the reputational and financial impact of a breach, or the risk of sensitive data appearing on the dark web, the case for prevention is clear.

The reality is simple. Without a combination of internal and external ASM, organisations remain essentially blind to vulnerabilities. The ability to identify, monitor, and remediate gaps before adversaries exploit them has become a business imperative.

MultiChoice strengthens Africa’s digital ecosystem, protecting creative content and customer data through advanced cybersecurity solutions

Cybersecurity has evolved from a technical necessity to a core pillar of trust, business continuity, and safe digital experiences

For MultiChoice, Africa’s leading video entertainment company, protecting both customer data and the creative works at the heart of its business is a top priority. In an increasingly connected environment, threats such as phishing, ransomware, and piracy continually evolve, posing risks not only to corporate systems but also to the creative content that drives Africa’s entertainment economy.

To address these challenges, MultiChoice invests heavily in advanced cybersecurity systems, global best practices, and strategic partnerships. The company’s dedicated cybersecurity and information security teams monitor digital threats around the clock, ensuring data integrity and maintaining a secure environment for millions of customers across the continent. These efforts demonstrate that cybersecurity is not just about defending networks; it is also about protecting intellectual property and the creative output that fuels Africa’s storytelling industry.

A major area of focus for MultiChoice is combating piracy, one of the most persistent threats to the sustainability of local content. Piracy undermines creators, producers, and investors by depriving them of rightful earnings. To tackle this, MultiChoice has partnered with global leader Irdeto, a specialist in digital platform cybersecurity. Together, they have developed cutting-edge anti-piracy technologies capable of detecting, disrupting, and removing illegal content distribution networks in real time.

Beyond technology, MultiChoice collaborates closely with law enforcement to bring perpetrators to justice. Several operations have successfully dismantled piracy syndicates, leading to arrests and reinforcing the company’s commitment to defending Africa’s creative economy. Through these measures, MultiChoice is setting a benchmark for content protection across the continent, safeguarding intellectual property while supporting the growth of local creative industries.

Cybersecurity Awareness Month serves as a timely reminder that protecting digital assets, whether personal data or creative content, is a shared responsibility. MultiChoice continues to champion this mission by fostering a culture of awareness, innovation, and collaboration. By integrating advanced cybersecurity technologies, partnering with global experts, and actively supporting law enforcement efforts, the company ensures that African creativity is both respected and secure.

MultiChoice’s ongoing initiatives, from monitoring threats to combating piracy, reflect a broader mission: “to create a secure, trusted, and sustainable digital ecosystem where African creativity can thrive.” In doing so, the company not only protects its platforms and customers but also empowers the continent’s creative industry, ensuring that local storytellers, producers, and innovators can flourish in a safe and resilient digital environment.

NETSCOUT’s report shows Morocco, Tunisia, Libya, and Algeria facing intensifying DDoS threats on telecoms in early 2025

NETSCOUT SYSTEMS, INC., a leading provider of observability, AIOps, cybersecurity, and distributed denial of service (DDoS) protection solutions, has released its latest global threat intelligence report highlighting the intensification of DDoS attacks across North Africa

The study shows that telecommunications operators, both wired and wireless, were the primary targets in Morocco, Tunisia, Libya, and Algeria during the first half of 2025.

Northern Africa by the numbers

Morocco registered more than 75,600 DDoS incidents, making it the second highest in Africa for attack volume after South Africa. Tunisia experienced the continent’s longest single DDoS campaign, lasting nearly seven hours (418.68 minutes), while also recording the highest bandwidth peak at 756.61 Gbps. Libya faced the second-longest single attack in the region at 242.6 minutes, with the highest attack complexity recorded, involving 23 vectors in one incident. Algeria, although recording fewer attempts (186), still endured significant threats, with peaks of 432.02 Gbps in bandwidth and 41.05 Mpps in throughput.

“Across the region, threat actors consistently targeted the telecommunications sector, unleashing high-volume, multi-vector attacks that disrupted connectivity and threatened service reliability,” commented Bryan Hamman, regional director for Africa at NETSCOUT. “Overall though, the results show an interesting mix of results when compared to our last Threat Intelligence Report, which looked at the second half of 2024.

“For example, Morocco continues to lead North Africa in the number of DDoS strikes sustained, with the country’s attack count rising from around 69,800 to over 75,600. Tunisia shifted from higher volumes - just short of 8,700 in 2H 2024 - to fewer attacks at 6,346 between January and July 2025, but contrastingly with record-breaking peaks in bandwidth and duration.

“Libya, however, more than doubled its attack volume, from just over 1,600 to nearly 3,750 incidents. Algeria saw fewer events but continued to face severe peak magnitudes.”

DDoS activity across the region

In Morocco, the majority of attacks targeted wireless telecommunications carriers, with 64,517 incidents. Wired providers followed with 1,342 incidents, along with research and development organisations in Social Sciences and Humanities (53), and shoe retailers (41). Common vectors included TCP ACK, DNS amplification, and SYN/ACK amplification. The largest recorded attack in the country reached 158.88 Gbps in bandwidth and 17.74 Mpps in throughput.

Tunisia’s attacks primarily struck wired telecommunications providers, with 5,288 incidents, followed by wireless carriers and the hospitality sector (excluding casino hotels and motels). Despite a lower number of attacks compared with 2H 2024, Tunisia endured the largest single DDoS assault in North Africa, with peaks of 756.61 Gbps and 49.51 Mpps, and an aggregate surge hitting 27 Tbps in April 2025. The average duration of attacks also increased substantially, exceeding 400 minutes in some cases.

In Libya, although peak bandwidths were smaller at 113.15 Gbps, attackers deployed 23 different vectors in a single incident — the most complex attack in the region. Wireless telecommunications providers were the primary targets, with 2,519 attacks, but unusual attempts against gasoline stations were also recorded.

Algeria reported 186 DDoS incidents in 1H 2025, the lowest among the four countries. However, the scale of attacks was significant, with peaks hitting 432.02 Gbps. Both wired and wireless telecommunications operators were the main targets, with DNS amplification identified as the most common attack method.

“North Africa is a prime example of how rapid digital growth attracts malicious activity,” adds Hamman. “The first half of 2025 shows that attackers are not only increasing their volumes in countries like Morocco, but are also using more sophisticated multi-vector methods in Libya and high-magnitude events in Tunisia. Even Algeria, with relatively fewer incidents, cannot ignore the scale of its largest attacks.

“The lesson is clear: organisations must prepare for the scale and sophistication of today’s threats,” he concluded.

NETSCOUT maps the DDoS landscape through passive, active, and reactive vantage points, providing unique visibility into global attack activity. The company protects two-thirds of the routed IPv4 space, securing network edges that carried global peak traffic exceeding 800 Tbps in the first half of 2025. It tracks tens of thousands of daily DDoS attacks by monitoring multiple botnets and DDoS-for-hire services that exploit millions of compromised devices.

Enhanced CWS boosts hybrid multicloud protection

Kaspersky has unveiled an upgraded version of its Kaspersky Cloud Workload Security (CWS) platform, offering enhanced protection for hybrid and multicloud environments

The update addresses the increasing complexity of cloud infrastructures by improving visibility, strengthening runtime defense for containers, and providing organisations with a more flexible, cost-efficient approach to safeguarding workloads.

As cloud infrastructures grow, security challenges continue to pose significant risks. In a research paper titled ‘Alleviating cloud migration difficulties with robust hybrid-cloud and container security’, Kaspersky and ISG found that 60% of surveyed organisations rank monitoring and proactively preventing runtime misconfigurations of cloud assets among their top five concerns regarding current cloud security solutions. The latest updates in CWS aim to help organisations stay ahead of evolving cyberthreats.

Kaspersky Cloud Workload Security consists of two core products: Kaspersky Container Security (KCS) and Kaspersky Hybrid Cloud Security (KHCS). The updated KCS introduces node OS vulnerability scanning and file threat protection, extending runtime security across both nodes and orchestrators. Organizations can now enhance network connection reputation data by integrating their own vulnerability feeds alongside NIST’s and Kaspersky’s databases, providing tailored intelligence that reflects their unique threat landscape.

Operational transparency is also improved with detailed logging of changes in RBAC (Role-Based Access Control) cluster objects. Incident response is more agile thanks to support for WebHooks, enabling data sharing with compatible software even without direct integration. Additionally, KCS now supports Microsoft Azure Registry and Google Cloud Platform Kubernetes & Registry, allowing organizations to secure workloads across a broader set of platforms.

Security policies, including Assurance, Runtime, and Response, have been expanded to deliver higher detection rates and greater flexibility, ensuring protection aligns with both business priorities and regulatory requirements.

In tandem with this release, the Light Agent in Kaspersky Hybrid Cloud Security has been enhanced. The solution now leverages Kaspersky Endpoint Security for Windows (12.10) and Kaspersky Endpoint Security for Linux (12.3) as light agents, improving integration and overall security capabilities in hybrid environments.

The update addresses common customer challenges, including cloud security blind spots, rising infrastructure costs, regulatory compliance pressures, and the limitations of traditional endpoint and open-source solutions in protecting multicloud workloads. By combining advanced automation with rich contextual intelligence, Kaspersky helps enterprises maintain resilience while meeting both business and compliance objectives.

"With the latest updates to Kaspersky Cloud Workload Security, we're continuing to push the boundaries of cloud security, providing our customers with the most comprehensive and robust protection available," commented Anton Rusakov-Rudenko, senior product marketing manager, cloud & network security product line at Kaspersky. "Our goal is to empower businesses to take full advantage of the cloud's potential, without compromising on security. With these updates, we're helping our customers to stay one step ahead of emerging threats and maintain the highest levels of security and compliance in their cloud infrastructure."

Kaspersky launches External Attack Surface module in DFI, giving security teams visibility, risk scoring, and proactive defenses

Kaspersky has unveiled a new External Attack Surface module within its Digital Footprint Intelligence (DFI) service, now accessible through the Threat Intelligence portal

This addition integrates External Attack Surface Management (EASM) features, enabling security teams to continuously oversee and protect their organisation’s external perimeter with improved visibility and control.

For years, the exploitation of public-facing applications has remained the leading method of initial compromise. According to the Kaspersky Incident Response report, these accounted for 39% of incidents in 2024. Furthermore, over 90% of the vulnerabilities targeted by attackers during that year had been publicly disclosed more than twelve months earlier, highlighting weak update and patch management practices in the affected organisations.

With the rapid expansion of digital ecosystems across cloud platforms, third-party applications, and shadow IT, organisations face mounting challenges in maintaining a secure perimeter. The newly introduced module helps by detecting exposed infrastructure, flagging vulnerabilities such as unpatched software or open ports, and assigning risk scores so that security teams can prioritise fixes based on potential business impact.

The External Attack Surface module directly addresses two essential concerns for security leaders: identifying internet-facing assets and determining which ones are at risk. It combines vulnerability scanning, misconfiguration checks, and contextual risk analysis to give enterprises a clear picture of their exposure, along with concrete steps to minimise it.

Unlike tools that provide only a snapshot, this solution also collects and stores historical data. This enables retrospective analysis, trend monitoring, and enhanced incident investigations. Data aggregation from multiple specialised search engines boosts coverage across hosts and services. Each issue discovered is supported by thorough explanations and remediation advice, ensuring teams can move efficiently from detection to resolution.

The value of the module lies not only in enhanced visibility but also in the ability to act decisively. Whether it involves patching outdated software, moving systems behind VPNs, applying WAF rules, or resetting compromised credentials, the module delivers clear and prioritized recommendations that help organizations strengthen defenses before attackers can exploit weaknesses.

“Security teams are under constant pressure to manage an ever-expanding digital perimeter. With the External Attack Surface module, we give them not only visibility of what attackers can see but also recommendations to reduce exposure and respond effectively. By enriching DFI with EASM functionality, we continue to expand the scope of our Threat Intelligence portfolio and deliver cross-product synergies that empower security teams with deeper insights, faster investigations, and more resilient cyber defense,” said Yuliya Novikova, head of digital footprint intelligence at Kaspersky.
