Cybersecurity Landscape in East Africa: The Rise of DDoS Attacks

As the digital realm expands, East Africa is witnessing a significant surge in cyberthreats, particularly Distributed Denial of Service (DDoS) attacks. According to NETSCOUT’s recent global threat intelligence report, Kenya has emerged as the region’s frontline in terms of DDoS incidents, ranking third on the African continent following South Africa and Morocco.

Kenya: A Hotspot for DDoS Attacks

Kenya recorded an alarming total of 46,786 DDoS attacks in the first half of 2025. This significant figure underscores the worrying trend of heightened cyber aggressions targeting the country. Notably, the telecommunications sector—both wired and wireless—sustained the brunt of these attacks. Wired communications accounted for 20,349 attacks, while wireless telecommunications saw 15,919 incidents, followed by other computer-related services, which tallied 8,730 attacks.

Despite the overwhelming focus on telecommunications, other sectors also experienced DDoS incidents, albeit at lower rates. Investment advisory organizations encountered 720 strikes, while data processing and web hosting services faced 217 attacks. Retail and hospitality sectors were not spared either, highlighting how attackers are broadening their scope to test vulnerabilities across various industries.

Evolving Attack Strategies

Bryan Hamman, Regional Director for Africa at NETSCOUT, emphasized the adaptability of DDoS attackers. “As the digital landscape evolves, so do the top targeted sectors across each country,” he remarked. This adaptability signals that attackers are poised to shift their strategies, focusing on emerging industries as well as traditional targets. For instance, the noticeable increase in attacks on sectors like retail showcases the potential exploitation of vulnerabilities within less fortified industries.

Regional Trends: Uganda and Tanzania

In a contrasting trend, Uganda saw a dramatic reduction in DDoS incidents, with only 881 reported in the same period, down from 6,145 in the latter half of 2024. The country’s telecommunications sector, particularly wireless communications, bore the most significant number of attacks, totaling 357. Comparatively, Tanzania faced 326 DDoS attacks, indicating a nearly 50% decline from the previous period. Here, the focus shifted primarily towards computing infrastructure providers and wireless telecommunications.

While the decrease in the number of attacks might seem encouraging, Hamman cautions that no sector should consider itself immune. The average duration of these attacks tends to be brief, hinting at a tactic meant to cause quick disruptions rather than long-lasting damage.

Djibouti: Strategic Target for Attackers

Unlike its neighbors, Djibouti experienced a considerable uptick in cyber incidents, reporting 3,172 strikes in the first half of 2025. Nearly all these attacks targeted wireless telecommunications carriers, with only two incidents affecting wired telecommunications. Djibouti’s strategic geographical position on the Gulf of Aden, coupled with its numerous submarine and terrestrial cables, renders it an attractive target for cybercriminals aiming to disrupt essential communication channels.

Insights from Seychelles, Madagascar, and South Sudan

Seychelles noted a near doubling of DDoS attacks from the previous reporting period, reaching a total of 674. Again, the computing infrastructure and data processing sectors were primary targets. Madagascar mirrored this trend, with 368 attacks predominantly aimed at computing services. South Sudan, meanwhile, faced 1,439 onslaughts, indicating heightened interest from attackers looking to exploit vulnerabilities.

Critical Infrastructure Under Threat

Across the region, the persistent targeting of telecommunications, computer-related services, and financial entities is evident. Hamman explains that these sectors are critical to national infrastructure, meaning that disruptions can lead to broad and severe repercussions.

As cyber threats evolve, it becomes imperative for organizations to adopt proactive defense mechanisms. According to Hamman, NETSCOUT is committed to providing real-time visibility and intelligent threat mitigation strategies, enabling organizations to stay one step ahead as the cyber landscape continues to morph.

The ongoing rise of DDoS attacks in East Africa highlights a pressing need for enhanced cybersecurity measures, ensuring that critical digital infrastructure is protected against ever-evolving threats.