East Africa is experiencing a dramatic escalation in cyber threats, with Ethiopia and its neighbors witnessing a surge in sophisticated distributed denial-of-service (DDoS) attacks targeting critical sectors. The latest data from NETSCOUT’s 2H 2024 Threat Intelligence Report reveals that no country or industry in the region is immune, as cybercriminals deploy increasingly complex tactics to disrupt digital infrastructure and exploit vulnerabilities.

Between June and December 2024, East African nations-including Kenya, Uganda, Tanzania, Seychelles, Djibouti, Ethiopia, and Rwanda-faced a relentless wave of DDoS attacks. The region was part of the 3.78 million incidents recorded across Europe, the Middle East, and Africa during this period, with global DDoS activity rising 12.75% to over 8.9 million attacks.

Kenya recorded the highest number of attacks in East Africa, with 34,687 incidents, though this was a decrease from the 57,319 attacks in the first half of 2024. Uganda saw a sharp rise, with attacks jumping from 1,564 to 6,145, primarily targeting the wireless telecommunications sector. Djibouti experienced the longest-lasting attacks in the region, averaging 271 minutes per incident.

Ethiopia experienced 107 DDoS attacks in the second half of 2024, matching the number from the first half of the year. The most significant attack peaked at 12.18 Gbps and 1.18 million packets per second, with the majority of incidents targeting wireless telecommunications providers through DNS Amplification and UDP-based flood techniques. While the attack volume is lower than in some neighboring countries, the persistent targeting of Ethiopia’s digital infrastructure underscores the nation’s growing vulnerability as its digital economy expands.

In response, Ethiopia has intensified its cybersecurity efforts. The Information Network Security Administration (INSA) reported thwarting approximately 8,854 attempted cyberattacks during the 2023/24 fiscal year, up from 6,959 the previous year. INSA has launched public awareness campaigns, enhanced legal frameworks, and invested in human resources and technology to protect vital sectors such as finance, healthcare, and government services.

INSA Director General Tigist Hamid emphasized the urgency of these measures: “Data theft has become a daily concern and INSA is ramping up its efforts to address the rising number of cyber threats. This initiative aims to strengthen cybersecurity and protect the nation’s sovereignty”.

The threat landscape is evolving rapidly. Attackers are leveraging enterprise-grade servers, AI-driven automation, and proxy networks to conduct multi-vector attacks that are harder to detect and mitigate. The most common attack methods in Ethiopia include DNS Amplification and UDP floods, but the region as a whole is witnessing a broader variety of vectors and higher levels of complexity.

Experts warn that as digital transformation accelerates across East Africa, the risk of cyberattacks will only grow. Bryan Hamman, regional director for Africa at NETSCOUT, noted, “As attack volumes fluctuate and complexity increases, no sector can afford to be complacent. Proactive defense strategies, underpinned by real-time visibility and intelligent threat mitigation, are essential to safeguarding critical infrastructure”.