Security

Southern Africa faces rising DDoS threats

City_view_of_one_of_the_South_African_cities

NETSCOUT’s latest report highlights evolving, complex DDoS attacks targeting key sectors across southern Africa. (Image source: NETSCOUT)

The latest NETSCOUT Threat Intelligence Report for July to December 2024 reveals a rapidly evolving and diverse DDoS (Distributed Denial of Service) attack landscape across southern Africa

The findings indicate that while some countries faced a surge in attacks, others, though experiencing fewer incidents, encountered more sophisticated and targeted threats. South Africa, Mauritius, and Angola were among the most targeted nations, while countries like Zambia, Eswatini, and Zimbabwe saw lower volumes but faced increasingly complex attacks.

South Africa leads in attack numbers

South Africa remained the most targeted nation in the region, recording a staggering 130,931 DDoS incidents, although this number was significantly lower than the 230,000+ attacks observed in the first half of 2024. The largest recorded attack peaked at 210.65 Gbps and 20.38 Mpps, utilising 23 distinct attack vectors in one event—the highest of any country in southern Africa. These attacks predominantly targeted sectors such as computer-related services, insurance agencies, brokerages, and computing infrastructure providers, reflecting the country’s prominent role in Africa’s digital economy.

Mauritius experiences significant increase

Mauritius faced a 37% increase in DDoS attacks, registering over 41,800 incidents in the second half of the year compared to 30,446 in the first. The wireless telecommunications sector was the primary target, accounting for nearly 40,000 incidents. Peak attack throughput reached 35 Mpps, with bandwidth surging to 224 Gbps, underscoring the vulnerability of Mauritius’s growing digital infrastructure.

Namibia and Angola: smaller but still vulnerable

Namibia, despite its smaller population, reported 45,283 attacks, positioning it among the top five countries in the region. However, this was a decline from the 76,337 incidents recorded in the first half of 2024. The most common attack vector was DNS amplification, followed by TCP ACK and SYN/ACK amplification. The largest attack recorded in Namibia peaked at 30.11 Gbps and 2.88 Mpps.

Angola also saw an uptick in DDoS incidents, increasing from 14,281 in the first half of the year to 19,046. The nation experienced up to 18 attack vectors in a single event, with DNS amplification being the most prevalent. Wired telecommunications and computing infrastructure providers were the primary victims, with the largest attack peaking at 85.94 Gbps.

Targeted attacks in Eswatini and Zimbabwe

Eswatini recorded a 200% increase in DDoS incidents, rising from 209 attacks in the first half of 2024 to 619 in the latter half. These attacks were mostly focused on the real estate sector, indicating a targeted approach. The average attack duration was 7.3 minutes, with bandwidth below 1 Gbps.

Zimbabwe, on the other hand, recorded 476 DDoS attacks, with telecommunications being the most targeted sector. The largest attack reached 1.07 Gbps and 2.51 Mpps. Unlike other nations, Zimbabwe saw an attack on a retail business, lasting a significant 37 minutes.

Other Countries: Mozambique, Zambia, and Botswana

Mozambique saw a sharp decline in DDoS incidents, with only 425 attacks, a significant drop from 3,145 in the first half of the year. The attacks targeted the computer-related services and satellite telecommunications sectors. In Zambia, DDoS events were fewer, with only 153 incidents, though these attacks involved diverse vectors, highlighting a more sophisticated approach. Botswana, while reporting only 981 attacks, saw most of them directed at wireless telecommunications.

Rising complexity and shared attack vectors

NETSCOUT’s Bryan Hamman, regional director for Africa, emphasises the increasing complexity of DDoS attacks. “The second half of 2024 has shown a marked shift towards multivector attacks, with countries like South Africa, Mauritius, and Angola facing increasingly sophisticated threats.” He adds that these attacks often involve TCP ACK, DNS amplification, and TCP SYN/ACK amplification, which are the most common vectors in the region.

As the digital infrastructure across southern Africa grows, so does the attack surface. Hamman warns that organizations must invest in robust cybersecurity strategies and proactive threat intelligence to stay ahead of evolving threats. “The rise in technical diversity and targeted industry-specific campaigns in countries like Zambia and Mozambique signals a worrying trend,” he says. “Companies must be prepared for more calculated attacks targeting specific sectors.”

Redefining cybersecurity for Africa’s digital age

Respresentatives_of_Kaspersky_and_SmartAfrica_holding_partnership_agreement

Kaspersky and Smart Africa collaborate to enhance cybersecurity skills, policies, and infrastructure, strengthening Africa’s digital security landscape. (Image source: Kaspersky)

In a strategic move to bolster Africa’s digital security, Kaspersky has signed a three-year Memorandum of Understanding (MoU) with Smart Africa

This agreement marks a significant step toward expanding cybersecurity capabilities across the continent through collaborative initiatives.

A core aspect of this partnership is cybersecurity skills development, with training programs led by the Kaspersky Academy. Founded in 2010, the Academy aims to provide top-tier cybersecurity education to foster a safer digital world. Additionally, the initiative seeks to bridge gender gaps by supporting programs that empower women and girls in cybersecurity, STEM, and ICT. This aligns with Kaspersky’s ongoing efforts to encourage more female participation in the IT sector.

Beyond skills development, the collaboration prioritises policy standardisation, bringing together stakeholders to create harmonised regional and national cybersecurity frameworks. This includes law enforcement agencies, industry leaders, cybersecurity authorities, and emergency response teams, ensuring a cohesive and comprehensive approach to digital security.

The partnership also aims to reinforce Africa’s technological defenses by establishing critical cybersecurity infrastructure. This includes security operations centers (SOCs), emergency response teams, and expert technical support to mitigate cyber threats.

Lacina Koné, CEO of Smart Africa, emphasised, “This MoU marks a significant milestone in our quest to secure Africa’s digital future. By joining forces with Kaspersky, we are not only building essential cybersecurity skills and bridging the gender gap but also setting the stage for robust regional cooperation and state-of-the-art cyber infrastructure.”

Eugene Kaspersky, founder and CEO of Kaspersky, added, “Our strategic partnership with Smart Africa is designed to help create a more secure cyberspace across the continent and beyond. We see this initiative as a commitment to empowering both individual users and organisations to ensure that everyone can navigate the digital world safely and with confidence.”

This partnership reinforces Kaspersky’s dedication to strengthening global cyber resilience through strategic collaborations. It also complements the African Network of Cybersecurity Authorities (ANCA)—a Smart Africa initiative designed to unite cybersecurity agencies across Africa to combat cyber threats.

With Smart Africa’s mission to build a secure, inclusive, and digitally empowered continent, this collaboration is set to tackle evolving cyber challenges and position Africa as a leader in digital security innovation.

Somalia launches first IPv6 Hub

Digital_image_of_African_map_showcasing_connectivity

Somalia launches its first National IPv6 Center to enhance internet security, scalability, and support next-gen technologies like 5G and IoT. (Image source: Adobe Stock)

The National Communications Authority (NCA) and Jamhuriya University of Science & Technology (JUST), in partnership with the African Network Information Center (AFRINIC), have inaugurated Somalia’s first National IPv6 Internet Protocol Center, marking a pivotal step in the country’s digital evolution

Designed as a hub for research, training, and implementation, the center will drive Somalia’s transition to IPv6, ensuring a more secure, scalable, and future-ready internet infrastructure. The shift from IPv4 to IPv6 is crucial for expanding connectivity, enhancing cybersecurity, and enabling advanced technologies like 5G and the Internet of Things (IoT).

The launch event brought together government representatives, industry leaders, academia, and key figures from Somalia’s digital ecosystem.

Mohamed Ahmed Mohamud, president of Jamhuriya University of Science & Technology (JUST), highlighted the significance of collaboration between government and academia in advancing digital services. “This collaboration is crucial for Somalia’s technological and knowledge development. Strengthening cooperation between public institutions and the education sector is key to building a strong digital economy.”

NCA director general, Mustafa Yasin Sheikh, emphasised the strategic importance of IPv6, noting its role in expanding internet services, boosting cybersecurity, and integrating cutting-edge technologies into Somalia’s digital landscape. “This center is a landmark achievement in modernizing Somalia’s telecommunications sector and accelerating our digital growth. IPv6 is not just an upgrade—it is the foundation for a more resilient and future-ready internet ecosystem.”

Minister of Communications and Technology, Mohamed Adan Macalin, reiterated the government’s dedication to digital connectivity and urged stakeholders to support IPv6 adoption. “The launch of this center signals Somalia’s transition into a modern digital era. I urge all telecommunications companies, academic institutions, and private sector players to actively engage in implementing the National IPv6 Strategy.”

As part of the initiative, NCA and JUST signed a Memorandum of Understanding (MoU), officially designating the university as the center’s host. The agreement outlines joint efforts in training, research, and public awareness to ensure a smooth nationwide transition to IPv6.

The National IPv6 Center is a vital element of Somalia’s National ICT Strategy, reinforcing the country’s commitment to a secure, scalable, and sustainable digital future.

Cynoia wins best SaaS Startup award

Cynoia wins Best SaaS Startup at AfricArena Summit 2024, revolutionizing African team collaboration with AI and cost-effective solutions. (Image source: Cynoia)

Cynoia, the African-built team workspace platform, has been recognised as the Best SaaS Startup at the prestigious AfricArena Grand Summit 2024, held in Cape Town

The event, now in its seventh year, is known as Africa's top tech ecosystem accelerator, drawing over 100 startups from 31 African nations.

At the Cape Town International Convention Centre, Cynoia’s chief financial officer, Manar Labidi, accepted the award after competing with 45 other startups in a competition described by AfricArena founder Christophe Viarnaud as “the stage of Africa’s future.” This recognition strengthens Cynoia’s position as a key innovator in Africa’s SaaS sector.

2024 has proven transformative for Cynoia, which enables teams to collaborate more efficiently while slashing software costs by up to 80%. With a new leadership structure, growing international recognition, and continental expansion, the company is preparing to redefine the future of African teamwork with the upcoming launch of its AI engine, Hannibal.

In an important internal promotion, Nermine Slimane transitioned from Team Lead to Chief Technology Officer, bringing valuable expertise in Cynoia’s architecture to the executive team. This allowed co-founder Ayoub Rabeh to focus on his new role as Chief Product Officer, further strengthening the company's commitment to product development. Felipe Millan also joined as Chief Marketing Officer, completing the leadership team, which prioritizes diversity with women representing 47% of the company.

"We're building something special here," remarked Nassreddine Riahi, CEO of Cynoia. "Our team is stronger than ever, and we're reaching more businesses across Africa than we imagined possible when we started. We're not just creating another collaboration tool – we're building the workspace that African teams actually need."

November saw the release of Cynoia Version 2.0, featuring upgraded project management tools, chat, video calls, and file-sharing, all within a single bandwidth-efficient platform suitable for various budgets. The company has also expanded its footprint, establishing a legal entity in Senegal and growing its user base in Ivory Coast, Democratic Republic of Congo, Cameroon, and Rwanda. "Being closer to our users helps us understand their real needs," explained Ayoub Rabeh, chief product officer. "Every market is unique, and we’re adapting our platform accordingly, especially for areas with limited internet connectivity."

Looking ahead to 2025, Cynoia is set to launch Hannibal, its AI engine tailored for African teams. "Hannibal will make advanced AI accessible to businesses across the continent, regardless of their size or location," concluded Nermine Slimane, chief technical officer. "We’re focusing on practical AI applications that make sense for how African teams actually work."

Cybersecurity challenges in Northern Africa: Rising DDoS threats

Digital image of businessman interacting with a holographic Interface Indicating a DDoS attack alert

NETSCOUT's 1H2024 report highlights rising DDoS attacks in Northern Africa, urging nations to enhance cybersecurity for critical infrastructure resilience. (Image source: Adobe Stock)

As Northern Africa undergoes rapid digital transformation, expanding connectivity emerges as both a significant asset and a potential risk

Countries such as Egypt, Tunisia, Algeria, Libya, and Morocco are experiencing a notable surge in Distributed Denial of Service (DDoS) attacks, emphasising the critical need for enhanced cybersecurity across the region. The 1H2024 DDoS Threat Intelligence Report (TIR) by NETSCOUT highlights country-specific trends, uncovering unique and shared challenges in the region's cybersecurity landscape.

Tunisia: Multi-vector DDoS complexity

Tunisia saw 4,511 DDoS attacks, with the majority targeting wired (3,529) and wireless (574) telecommunications carriers. The NETSCOUT report reveals Tunisia faced the most complex attacks in the region, with up to 27 vectors, including ARMS, CLDAP, COAP, and DNS amplification, amplifying the severity of threats.

Libya: Growing threats in a developing digital space

In Libya, the rise in DDoS attacks coincides with the country’s expanding digital infrastructure. The report recorded 698 DNS amplification incidents, 337 ICMP attacks, and 211 STUN incidents, among others. A single attack employed 23 different vectors, reflecting a growing sophistication in cyber threats.

Algeria: Minimal attacks, high stakes

Algeria experienced the fewest DDoS incidents, with 452 reported attacks. Most targeted wired telecommunications carriers (411) and computing infrastructure providers. Despite the lower volume, DNS amplification techniques highlight the urgent need for robust network defenses to protect critical communications infrastructure.

Strengthening Northern Africa’s cyber resilience

The rise in DDoS attacks across Northern Africa, as reported by NETSCOUT, mirrors the cybersecurity risks linked to digital growth. To protect critical infrastructure and ensure resilience, organizations in Egypt, Tunisia, Algeria, Libya, and Morocco must adopt comprehensive cybersecurity measures.

"The increase in DDoS attacks across Northern Africa measured by NETSCOUT in its latest report reflects the broader cyber risks associated with digital expansion. As organisations in Egypt, Tunisia, Algeria, Libya and Morocco grow their online presence, so too must they adopt robust cybersecurity frameworks to safeguard critical infrastructure and ensure digital resilience," remarked Bryan Hamman, regional director for Africa, NETSCOUT.

Qualcomm supports African tech

MTC's MTC Maris set to revolutionise Namibia

Woman’s hands texting, networking, or browsing on smartphone

GSMA's 2024 report reveals the transformative impact of mobile technology in Sub-Saharan Africa, highlighting key challenges and growth opportunities. (Image source: Adobe Stock)