Ghana, Guinea, Nigeria hit by cyber threats– Report

Ghana led the West African region in both the frequency and diversity of cyber threats for the first half of 2024, facing a high volume of distributed denial of service attacks directed at industries, including computer services and telecommunications.

This is according to NETSCOUT’s 1H2024 Distributed Denial of Service Threat Intelligence Report released on the company’s website on Tuesday.

“Ghana has experienced the highest volume of cyber attacks in West Africa, with the maximum bandwidth of its largest DDoS attack measuring 314.25 Mbps, a total of 4,753 attacks over six months, out of which 2,759 were targeted at computer-related services businesses; while the Republic of Guinea follows with 2,918 cases, with Nigeria coming third place with 2,721 cases of cyber threats,” the report said.

“Ghana experienced by far the highest volume attack in West Africa, with the maximum bandwidth of its largest DDoS attack measuring 314.25 Mbps.

“Known for an economic resilience that is driven by agriculture and mining, Guinea surprisingly took the second spot in the NETSCOUT results for West Africa in terms of attack frequency, with 2,918 incidents listed. Wireless telecommunications carriers bore the brunt of these strikes, which were mostly TCP-type attacks,” it stated.

The report also stated that Nigeria, a major digital hub in Africa, experienced the third highest volume of cyber attacks in West Africa, coming in at 2,721 for the first half of 2024.

“Attacks in the computer-related services field were prevalent, as in Ghana, with 867 incidents, but local beauty salons were second on the list for Nigeria, enduring 206 incidents, followed by data processing hosting companies at 116,” it said.

“The growing complexity of DDoS threats seen worldwide, including a notable increase in both attack frequency and sophistication, is reflected in Nigeria. The country experienced more complex attacks than others within the region, with 23 different attacks vendors seen in one single attack, from TCP and CLDAP (Connection-less Lightweight Directory Access Protocol) attacks to Domain Name System (DNS) amplification and many more,” Bryan Hamman, regional director for Africa at NETSCOUT said.

He said Côte d’Ivoire and Liberia both faced similar attack frequencies, with 1,598 and 1,515 incidents noted respectively. The two countries also experienced similarities in the types of attack vectors used – mostly TCP-related – as well as the sector that was hardest hit, which was wireless telecommunications for both.

Read also: AI’s responsive capabilities can combat cyber threats – Popoola

Wireless telecommunications carriers were identified as the prime targets for threat actors in the Republic of Benin, recording 196 incidents, 107 in Senegal, 32 in Mali, and 16 in Cameroon.

Bryan Hamman regional director for Africa at NETSCOUT, noted that the report “is in line with NETSCOUT’s Global Threat Intelligence Report figures, which measured attacks on the sector at 834,471 for the first part of 2024, a substantial 34 percent increase on the figures seen for 2H 2023, which was calculated at 622,295. We believe this points to an objective by cybercriminals to disrupt critical communication infrastructure.”

“Although Cameroon fell more within the middle of the pack in terms of attack frequency, at 544, its largest DDoS attack reached 118.05 Gbps in bandwidth, much higher than the statistics seen for Senegal (27.31 Gbps) for instance, Guinea (12.35 Gbps) or Mali (0.81 Gbps),” he said.

“In some cases, as seen by Cameroon and Ghana as well as Nigeria (134.86 Gbps), attack volumes can reach more than 100 Gbps, requiring upstream providers to mitigate the attack. Although many smaller attacks, such as those around 1Gbps, often bypass detection and mitigation by upstream providers due to being below-configured thresholds, they can still have a severe impact on enterprises,” he stated.