By Bryan Hamman – As Africa continues to embrace digital transformation, the continent is also becoming increasingly vulnerable to cyberthreats, particularly Distributed Denial of Service (DDoS) attacks.

These incidents, which disrupt the availability of networks, applications and services, are becoming a favoured tool among hackers looking to exploit vulnerabilities for malicious purposes.

 

Why do hackers use DDoS attacks?

DDoS attacks are emerging as a common and disruptive tactic across the continent, with several nations recently targeted by cybercriminals and hacktivist groups aiming to disrupt essential services and sow chaos. The motivations behind these attacks can vary widely.

In many cases, they are driven by financial gain, with attackers extorting businesses by threatening to sustain an attack unless a ransom is paid. Cybercriminals often launch attacks with the intent to extort money from their targets, and these businesses, fearing the potential for brand damage, loss of reputation and significant revenue loss, often feel pressured to meet the attackers’ demands. In some instances, these cybercriminals may also aim to sabotage competitors by disrupting their operations, giving themselves an unfair market advantage.

At other times, these DDoS attacks are apparently motivated by political or ideological beliefs, launched by hacktivist groups or state-sponsored actors to advance their goals or geopolitical interests. These attacks are designed to disrupt society’s functioning, whether by disabling essential services or undermining public trust in institutions.

Last year, several Kenyan, Djiboutian, Ugandan and Nigerian organisations felt the wrath of hacktivist group Anonymous Sudan, with telecommunications, education and government organisations, amongst others, being heavily targeted. After attacks in both Uganda and Kenya, Anonymous Sudan claimed that it was targeting the countries because of their alleged support of one of the groups in the civil fight against the Sudanese Armed Forces, a conflict that has raged in Sudan since April 2023.

DDoS attacks can also be motivated by a desire for revenge. Cybercriminal groups may target organisations that they perceive as having acted against their interests or beliefs.

This type of cybercrime is not just limited to large corporations; small and medium-sized enterprises (SMEs) across Africa are also increasingly becoming targets. The cost of downtime, coupled with the potential ransom demands, can be devastating for these businesses, many of which may not have the resources to mount an effective defence against sophisticated cyberattacks.

 

The smokescreen effect

One of the most dangerous aspects of DDoS attacks is their ability to serve as a smokescreen for other cybercrimes.

While IT teams are focused on restoring service after a DDoS attack, hackers may be exploiting the chaos to breach other parts of the network, stealing sensitive data or installing malware.

This dual threat underscores the need for comprehensive cybersecurity strategies that can safeguard against DDoS attacks while also protecting other areas of the network.

 

Defending against the DDoS threat

For businesses and governments across the globe, the threat of DDoS attacks is real and growing. And as the digital landscape across the African continent continues to evolve, so too must our strategies for safeguarding it against those who would seek to exploit its vulnerabilities.

The best defence is a proactive approach to cybersecurity that includes robust DDoS protection. By investing in advanced cybersecurity solutions, local organisations can better protect themselves against the financial, operational and reputational damage that DDoS attacks can cause.

 

Bryan Hamman is the regional director for Africa at NetScout