NETSCOUT’s latest report highlights evolving, complex DDoS attacks targeting key sectors across southern Africa. (Image source: NETSCOUT)

The latest NETSCOUT Threat Intelligence Report for July to December 2024 reveals a rapidly evolving and diverse DDoS (Distributed Denial of Service) attack landscape across southern Africa

The findings indicate that while some countries faced a surge in attacks, others, though experiencing fewer incidents, encountered more sophisticated and targeted threats. South Africa, Mauritius, and Angola were among the most targeted nations, while countries like Zambia, Eswatini, and Zimbabwe saw lower volumes but faced increasingly complex attacks.

South Africa leads in attack numbers

South Africa remained the most targeted nation in the region, recording a staggering 130,931 DDoS incidents, although this number was significantly lower than the 230,000+ attacks observed in the first half of 2024. The largest recorded attack peaked at 210.65 Gbps and 20.38 Mpps, utilising 23 distinct attack vectors in one event—the highest of any country in southern Africa. These attacks predominantly targeted sectors such as computer-related services, insurance agencies, brokerages, and computing infrastructure providers, reflecting the country’s prominent role in Africa’s digital economy.

Mauritius experiences significant increase

Mauritius faced a 37% increase in DDoS attacks, registering over 41,800 incidents in the second half of the year compared to 30,446 in the first. The wireless telecommunications sector was the primary target, accounting for nearly 40,000 incidents. Peak attack throughput reached 35 Mpps, with bandwidth surging to 224 Gbps, underscoring the vulnerability of Mauritius’s growing digital infrastructure.

Namibia and Angola: smaller but still vulnerable

Namibia, despite its smaller population, reported 45,283 attacks, positioning it among the top five countries in the region. However, this was a decline from the 76,337 incidents recorded in the first half of 2024. The most common attack vector was DNS amplification, followed by TCP ACK and SYN/ACK amplification. The largest attack recorded in Namibia peaked at 30.11 Gbps and 2.88 Mpps.

Angola also saw an uptick in DDoS incidents, increasing from 14,281 in the first half of the year to 19,046. The nation experienced up to 18 attack vectors in a single event, with DNS amplification being the most prevalent. Wired telecommunications and computing infrastructure providers were the primary victims, with the largest attack peaking at 85.94 Gbps.

Targeted attacks in Eswatini and Zimbabwe

Eswatini recorded a 200% increase in DDoS incidents, rising from 209 attacks in the first half of 2024 to 619 in the latter half. These attacks were mostly focused on the real estate sector, indicating a targeted approach. The average attack duration was 7.3 minutes, with bandwidth below 1 Gbps.

Zimbabwe, on the other hand, recorded 476 DDoS attacks, with telecommunications being the most targeted sector. The largest attack reached 1.07 Gbps and 2.51 Mpps. Unlike other nations, Zimbabwe saw an attack on a retail business, lasting a significant 37 minutes.

Other Countries: Mozambique, Zambia, and Botswana

Mozambique saw a sharp decline in DDoS incidents, with only 425 attacks, a significant drop from 3,145 in the first half of the year. The attacks targeted the computer-related services and satellite telecommunications sectors. In Zambia, DDoS events were fewer, with only 153 incidents, though these attacks involved diverse vectors, highlighting a more sophisticated approach. Botswana, while reporting only 981 attacks, saw most of them directed at wireless telecommunications.

Rising complexity and shared attack vectors

NETSCOUT’s Bryan Hamman, regional director for Africa, emphasises the increasing complexity of DDoS attacks. “The second half of 2024 has shown a marked shift towards multivector attacks, with countries like South Africa, Mauritius, and Angola facing increasingly sophisticated threats.” He adds that these attacks often involve TCP ACK, DNS amplification, and TCP SYN/ACK amplification, which are the most common vectors in the region.

As the digital infrastructure across southern Africa grows, so does the attack surface. Hamman warns that organizations must invest in robust cybersecurity strategies and proactive threat intelligence to stay ahead of evolving threats. “The rise in technical diversity and targeted industry-specific campaigns in countries like Zambia and Mozambique signals a worrying trend,” he says. “Companies must be prepared for more calculated attacks targeting specific sectors.”

Somalia launches its first National IPv6 Center to enhance internet security, scalability, and support next-gen technologies like 5G and IoT. (Image source: Adobe Stock)

The National Communications Authority (NCA) and Jamhuriya University of Science & Technology (JUST), in partnership with the African Network Information Center (AFRINIC), have inaugurated Somalia’s first National IPv6 Internet Protocol Center, marking a pivotal step in the country’s digital evolution

Designed as a hub for research, training, and implementation, the center will drive Somalia’s transition to IPv6, ensuring a more secure, scalable, and future-ready internet infrastructure. The shift from IPv4 to IPv6 is crucial for expanding connectivity, enhancing cybersecurity, and enabling advanced technologies like 5G and the Internet of Things (IoT).

The launch event brought together government representatives, industry leaders, academia, and key figures from Somalia’s digital ecosystem.

Mohamed Ahmed Mohamud, president of Jamhuriya University of Science & Technology (JUST), highlighted the significance of collaboration between government and academia in advancing digital services. “This collaboration is crucial for Somalia’s technological and knowledge development. Strengthening cooperation between public institutions and the education sector is key to building a strong digital economy.”

NCA director general, Mustafa Yasin Sheikh, emphasised the strategic importance of IPv6, noting its role in expanding internet services, boosting cybersecurity, and integrating cutting-edge technologies into Somalia’s digital landscape. “This center is a landmark achievement in modernizing Somalia’s telecommunications sector and accelerating our digital growth. IPv6 is not just an upgrade—it is the foundation for a more resilient and future-ready internet ecosystem.”

Minister of Communications and Technology, Mohamed Adan Macalin, reiterated the government’s dedication to digital connectivity and urged stakeholders to support IPv6 adoption. “The launch of this center signals Somalia’s transition into a modern digital era. I urge all telecommunications companies, academic institutions, and private sector players to actively engage in implementing the National IPv6 Strategy.”

As part of the initiative, NCA and JUST signed a Memorandum of Understanding (MoU), officially designating the university as the center’s host. The agreement outlines joint efforts in training, research, and public awareness to ensure a smooth nationwide transition to IPv6.

The National IPv6 Center is a vital element of Somalia’s National ICT Strategy, reinforcing the country’s commitment to a secure, scalable, and sustainable digital future.

Cynoia wins Best SaaS Startup at AfricArena Summit 2024, revolutionizing African team collaboration with AI and cost-effective solutions. (Image source: Cynoia)

Cynoia, the African-built team workspace platform, has been recognised as the Best SaaS Startup at the prestigious AfricArena Grand Summit 2024, held in Cape Town

The event, now in its seventh year, is known as Africa's top tech ecosystem accelerator, drawing over 100 startups from 31 African nations.

At the Cape Town International Convention Centre, Cynoia’s chief financial officer, Manar Labidi, accepted the award after competing with 45 other startups in a competition described by AfricArena founder Christophe Viarnaud as “the stage of Africa’s future.” This recognition strengthens Cynoia’s position as a key innovator in Africa’s SaaS sector.

2024 has proven transformative for Cynoia, which enables teams to collaborate more efficiently while slashing software costs by up to 80%. With a new leadership structure, growing international recognition, and continental expansion, the company is preparing to redefine the future of African teamwork with the upcoming launch of its AI engine, Hannibal.

In an important internal promotion, Nermine Slimane transitioned from Team Lead to Chief Technology Officer, bringing valuable expertise in Cynoia’s architecture to the executive team. This allowed co-founder Ayoub Rabeh to focus on his new role as Chief Product Officer, further strengthening the company's commitment to product development. Felipe Millan also joined as Chief Marketing Officer, completing the leadership team, which prioritizes diversity with women representing 47% of the company.

"We're building something special here," remarked Nassreddine Riahi, CEO of Cynoia. "Our team is stronger than ever, and we're reaching more businesses across Africa than we imagined possible when we started. We're not just creating another collaboration tool – we're building the workspace that African teams actually need."

November saw the release of Cynoia Version 2.0, featuring upgraded project management tools, chat, video calls, and file-sharing, all within a single bandwidth-efficient platform suitable for various budgets. The company has also expanded its footprint, establishing a legal entity in Senegal and growing its user base in Ivory Coast, Democratic Republic of Congo, Cameroon, and Rwanda. "Being closer to our users helps us understand their real needs," explained Ayoub Rabeh, chief product officer. "Every market is unique, and we’re adapting our platform accordingly, especially for areas with limited internet connectivity."

Looking ahead to 2025, Cynoia is set to launch Hannibal, its AI engine tailored for African teams. "Hannibal will make advanced AI accessible to businesses across the continent, regardless of their size or location," concluded Nermine Slimane, chief technical officer. "We’re focusing on practical AI applications that make sense for how African teams actually work."