DDoS attacks in the Middle East and Africa (MENA) region surged by 238% year-over-year in Q3 2024, according to cybersecurity provider StormWall. The financial sector was the hardest hit. Strikingly, attacks on banks and cloud payment providers grew by 284% compared to Q3 2023.
RELATED: Ghana, Guinea and Nigeria most targeted with DDoS attacks within West Africa, says NETSCOUT
StormWall’s latest report shows that most attacks were concentrated in finance (42%), entertainment (21%), and government (10%). Defenders faced a dual threat from profit-driven criminals pursuing extortion and hacktivists advancing political agendas.
A notable development in Q3 was the scale of botnets operating in the MENA region. Botnets averaged 28,000 devices during the quarter—four times more than in the same period last year. This growth enables attackers to escalate the volume of operations. The largest recorded attack reached 1.5 Tbps and targeted a UAE-based bank.
Hyper-volumetric network-layer DDoS attacks surged by 400% compared to the previous quarter, evolving from rare occurrences into frequent threats. Once limited to state-sponsored actors, these capabilities have become more widely accessible. Even less sophisticated, profit-driven hackers now wield cutting-edge DDoS tools.
Looking at the breakdown by country, the UAE, Saudi Arabia, and Israel were the most targeted (31%, 16%, and 14% of attacks respectively). The UAE in particular saw its share of attacks increase from 27% in the previous quarter, as the share of for-profit attacks increased compared to hactivists and focus shifted to attacks targeting the region’s economic hubs.
Meanwhile, attacks on government services were predominantly localized to Israel and Palestine. Notably, 60% of these attacks targeted news and media outlets, while 30% were directed at the financial and fintech sectors.