Ghana, Guinea, Nigeria top cyber threat incidents in West Africa – Report

Post Date : November 5, 2024

Ghana has led the West African region in both the frequency and diversity of cyber threats for the first half of 2024, facing a high volume of distributed denial of service attacks directed at industries, including computer services and telecommunications, says NETSCOUT’s 1H2024 Distributed Denial of Service Threat Intelligence Report released on the company’s website on Tuesday.

According to the report, Ghana has experienced the highest volume of cyber attacks in West Africa, with the maximum bandwidth of its largest DDoS attack measuring 314.25 Mbps, a total of 4,753 attacks over six months, out of which 2,759 were targeted at computer-related services businesses; while the Republic of Guinea follows with 2,918 cases, with Nigeria coming third place with 2,721 cases of cyber threats.

The report partly read, “Ghana experienced by far the highest volume attack in West Africa, with the maximum bandwidth of its largest DDoS attack measuring 314.25 Mbps. Known for an economic resilience that is driven by agriculture and mining, Guinea surprisingly took the second spot in the NETSCOUT results for West Africa in terms of attack frequency, with 2,918 incidents listed. Wireless telecommunications carriers bore the brunt of these strikes, which were mostly TCP-type attacks.

“Nigeria, a major digital hub in Africa, experienced the third highest volume of cyberattacks in West Africa, coming in at 2,721 for the first half of 2024. Attacks in the computer-related services field were prevalent, as in Ghana, with 867 incidents, but local beauty salons were second on the list for Nigeria, enduring 206 incidents, followed by data processing hosting companies at 116.

“The growing complexity of DDoS threats seen worldwide, including a notable increase in both attack frequency and sophistication, is reflected in Nigeria. The country experienced more complex attacks than others within the region, with 23 different attacks vendors seen in one single attack, from TCP and CLDAP (Connection-less Lightweight Directory Access Protocol) attacks to Domain Name System (DNS) amplification and many more”, states Bryan Hamman, regional director for Africa at NETSCOUT.

“Côte d’Ivoire and Liberia both faced similar attack frequencies, with 1,598 and 1,515 incidents noted respectively. The two countries also experienced similarities in the types of attack vectors used – mostly TCP-related – as well as the sector that was hardest hit, which was wireless telecommunications for both.”

The report stressed that wireless telecommunications carriers were identified as the prime targets for threat actors in the Republic of Benin, recording 196 incidents, 107 in Senegal, 32 in Mali, and 16 in Cameroon.

The Regional Director for Africa at NETSCOUT, Bryan Hamman, noted the report “Is in line with NETSCOUT’s Global Threat Intelligence Report figures, which measured attacks on the sector at 834,471 for the first part of 2024, a substantial 34% increase on the figures seen for 2H 2023, which was calculated at 622,295. We believe this points to an objective by cybercriminals to disrupt critical communication infrastructure.”

Interestingly, although Cameroon fell more within the middle of the pack in terms of attack frequency, at 544, its largest DDoS attack reached 118.05 Gbps in bandwidth, much higher than the statistics seen for Senegal (27.31 Gbps) for instance, Guinea (12.35 Gbps) or Mali (0.81 Gbps).

He added, “In some cases, as seen by Cameroon and Ghana as well as Nigeria (134.86 Gbps), attack volumes can reach more than 100 Gbps, requiring upstream providers to mitigate the attack. Although many smaller attacks, such as those around 1Gbps, often bypass detection and mitigation by upstream providers due to being below-configured thresholds, they can still have a severe impact on enterprises.

“Statistics from NETSCOUT’s latest report show that generally, countries within West Africa have not been as heavily targeted as the likes of Morocco in the north of the continent, or South Africa in the SADC region. The latter falls within the top five most targeted countries within the entire Europe, Middle East and Africa (EMEA) region.

“This being said, we are certainly seeing variabilities in attack types and targets across West Africa, reinforcing the need for country-specific cyber defences and resilient strategies to protect these growing digital economies. While the West African threat landscape cybersecurity challenges may align in many areas with worldwide trends, the nuances in each country’s threat landscape highlight the importance of localised security strategies to protect both critical and emerging digital infrastructures.

“NETSCOUT’s Threat Intelligence Report provides essential insights to help West African organisations bolster their cybersecurity defences. By leveraging these findings, businesses across the region can effectively mitigate these evolving threats and secure their digital ecosystems.”

Leave a Reply

Your email address will not be published. Required fields are marked *