NETSCOUT SYSTEMS, INC. has released its latest Threat Intelligence Report for the second half of 2024, highlighting the evolving cyber threat landscape across East Africa. A number of sectors across countries within the region, including Kenya, Uganda, Tanzania, Seychelles, Djibouti, Ethiopia and Rwanda, have experienced ongoing distributed denial of service (DDoS) attacks, in line with the 3,782,832 strikes seen over the six months within Europe, Middle East and Africa (EMEA).

“NETSCOUT’s 14^th issue of its Threat Intelligence Report found that global DDoS attacks increased by 12.75 percent compared to the previous six-month period to 8,911,312. When honing in specifically on East Africa, the continued DDoS attacks across the region between June and December of 2024 are a clear signal that no sector or country is off-limits to threat actors,” says Bryan Hamman, regional director for Africa at NETSCOUT.

“Across East Africa, we’re seeing a broader variety of attack vectors, higher levels of complexity and increasing targeting of critical industries – from telecoms to financial services and even retail,” says Hamman.

Kenya sees high-volume, complex attacks

Recording the highest number of attacks within East Africa, Kenya was exposed to a total of 34,687 DDoS incidents during this period, albeit down from the 57,319 it faced during the first half of 2024.

Key industries targeted included computer-related services, wireless and wired telecommunications, portfolio management and investment advice organisations, clothing and accessories retailers, certified public accountants and commercial banking institutions.

> Why Billboards are Making More Money Than Influencers

The most complex single attack involved 21 unique vectors, with the largest incident reaching 144.75 Gbps and 13.69 Mpps. The top three attack types included TCP ACK (23,134 attacks), TCP SYN/ACK Amplification (13,046) and TCP RST (9,793).

Ugandan DDoS attacks surge

Uganda reported a total of 6,145 DDoS attacks, up significantly from 1,564 during the first half of the year, with the largest peaking at 79.52 Gbps and 10.92 Mpps. Of these, the wireless telecommunications sector was the most targeted, accounting for 4,422 incidents, followed by computing infrastructure providers at 555.

The most prevalent attack vectors included TCP SYN/ACK Amplification (2,825 attacks), DNS Amplification (731) and ICMP (667).

Longest East African incident experienced in Djibouti

Djibouti suffered 2,860 DDoS attacks in 2H 2024. While the largest attack reached 8.5 Gbps and 1.12 Mpps, the standout metric was the extended average duration of attacks, lasting around 271 minutes. This was by far the longest attack recorded within the region.

The most common attack vectors were DNS Amplification (810), TCP RST (488) and TCP SYN/ACK Amplification (369).

Tanzania, Seychelles, Ethiopia and Rwanda

“While the volume of DDoS attacks observed across countries such as Tanzania, Seychelles, Rwanda and Ethiopia may have been lower than in other parts of East Africa for the latter part of 2024, they are by no means insignificant,” states Hamman. “Tanzania, for example, saw a notable increase in incidents compared to the first half of the year, as did Rwanda, while Ethiopia continues to face consistent targeting of its wireless telecom providers.

“Attack vectors across these countries also show evolving levels of sophistication, from multi-vector assaults in Tanzania to high-impact attacks in the Seychelles. These figures reinforce the need for heightened vigilance and robust cybersecurity postures across all sectors, regardless of the size or frequency of attacks.”

“What’s particularly concerning is the sharp rise in sustained, high-bandwidth attacks and the growing number of incidents in previously quieter markets,” Hamman continues. “The findings from NETSCOUT’s latest Threat Intelligence Report make it clear: cybercriminals are not only growing bolder but are also evolving their methods, targeting a wide array of industries and regions across East Africa.

“As attack volumes fluctuate and complexity increases, no sector can afford to be complacent. In this environment, proactive defence strategies, underpinned by real-time visibility and intelligent threat mitigation, are essential to safeguarding critical infrastructure. NETSCOUT remains committed to equipping organisations with the tools and insights they need to stay resilient in the face of this ever-changing threat landscape,” he concludes.

> Inside Tax Proposals Being Pushed by Private Sector CEOs