The first half of 2024 has seen a significant increase in Distributed Denial of Service (DDoS) attacks, particularly amid ongoing geopolitical conflicts. Organizations in North Africa experience notable surges, with countries like Morocco, Egypt, Tunisia, and Algeria reporting the highest rates. The data indicates that critical infrastructure, including banking and utilities, has become prime targets for these evolving attacks, which are becoming increasingly sophisticated.
DDoS attacks surge amid geopolitical tensions in North Africa
According to NETSCOUT’s global DDoS Threat Intelligence Report, DDoS attacks in the Middle East and Africa have risen by 30% compared to the previous quarter. Morocco, with a 90% Internet penetration rate, recorded the highest number of attacks in the region, totaling about 61,000 incidents in the first half of 2024. Of these, a major portion targeted wireless telecom providers, with 16,461 attacks, while over 6,000 were aimed at wired telecom companies.
Egypt also faced considerable DDoS activity, experiencing approximately 45,108 attacks during the same period. Wired telecom carriers were frequently targeted, followed by wireless carriers and educational institutions. Notably, Egypt saw some of the highest bandwidth DDoS attacks; the largest measured an impressive 332.96 Gbit/s.
In Tunisia, DDoS incidents reached 4,511 during the initial six months of 2024, predominantly impacting wired and wireless telecom providers. Threat actors increasingly deployed a diverse array of tactics, including a notable attack that utilized 27 vectors, such as Domain Name System (DNS) amplification and Connection-less Lightweight Directory Access Protocol (CLDAP) techniques.
Europol uncovers cybercrime empire with 27 DDoS sites shut down
Cybersecurity experts attribute this surge to the increasing online presence of businesses in North African countries. Richard Hummel, director of threat intelligence at NETSCOUT, noted that while digital transformation has numerous advantages, it also broadens the attack surface for cybercriminals.
Beyond an expanded digital landscape, ongoing geopolitical tensions in the region are contributing to heightened hacktivist activities. Hummel pointed out that real-world political disputes often manifest in the digital realm, with hacktivists targeting critical infrastructures such as government services, utilities, and banks to create maximum disruption.
The Africa Center for Strategic Studies highlighted that the rapid proliferation of IT and communications technologies across Africa is altering the threat landscape, creating significant national security challenges. As organizations in Africa become more digitally integrated, they will encounter cybersecurity threats similar to those faced by counterparts in other regions for years. Among these are cyber espionage and financially motivated attacks.
The report suggested that Africa’s government networks, as well as those in the banking and telecom sectors, remain particularly vulnerable to disruptive cyberattacks. The potential for cyber incidents due to negligence and accidents also raises concerns among cybersecurity experts.
The second half of 2024 will likely see a seismic shift in how DDoS attacks are executed in North Africa, with attackers exploiting vulnerabilities unique to the region’s rapid digital transformation. Expect to see a surge in precision attacks targeting the intersection of critical infrastructure and emerging digital ecosystems, such as fintech services built on undersecured platforms. Hacktivists and state-sponsored actors will move beyond brute force, utilizing tailored attack vectors to infiltrate hybrid cloud infrastructures, disrupting operations from within.
Governments and enterprises in North Africa must focus immediately on proactive threat-hunting, integrating zero-trust architectures and AI-driven network anomaly detection to counter these increasingly sophisticated campaigns before they cripple vital services.
Featured image credit: Kerem Gülen/Ideogram
