While it’s true that every company is a potential target for distributed denial of service (DDoS) attacks, cybercriminals will often exploit security challenges and develop customised attack patterns that target the unique characteristics of specific vertical sectors.
For the first half of 2024, this statement certainly rings true for the telecommunications sector – from the global level, right through to many countries across the African continent.
Wired versus wireless telecoms: what is the difference?
For decades now the telecommunications industry has been referred to within the context of two sub-sectors, namely wired and wireless. The key distinction between them lies in the medium of transmission. Wired carriers transmit voice, data, text, sound and video programming via electrified wires or optical fibres. In contrast, wireless carriers deliver the same types of information using electromagnetic energy through microwave or radio spectra.
Both segments of the market have seen immense technological innovation in recent years. On the wired side, advancements include the development of digital subscriber lines (DSL), cable and fibre-optic services. Meanwhile, the wireless sector has evolved from analogue radio signals (1G) to the ongoing global rollout of 5G technology.
“Both wired and wireless telecommunications carriers have been identified as major targets of cyberattacks in 2024 – and earlier – primarily due to their critical role in the digital ecosystem,” explainsBryan Hamman, regional director for Africa at NETSCOUT. “In fact, if we look back to the second half of 2022, NETSCOUT documented a trend in DDoS attacks against wireless telecommunications providers that incurred a massive 79% increase globally.
“This has continued into 2024, as noted in the recently released NETSCOUT 1H2024 DDoS Threat Intelligence Report (TIR), which states that wireless telecommunications carriers (except satellites) across Europe, Middle East and Africa (EMEA) have seen a marked uptick in the number of attacks so far this year, up from 344,401 to 525,386 incidents in the first half of 2024, representing a jump of more than 34%.
“This could potentially be attributed to several factors: the increased use of wireless hotspots by gamers, the proliferation of 5G networks, and continued growth in the use of mobile phones, tablets and other devices,” he adds.
The latest NETSCOUT report also identified that attacks on wired telecommunications carriers for the first half of 2024 have also seen a significant increase, from 658,881 to 787,714.
Why is the telco industry being increasingly targeted?
According to Hamman, cybercriminals have increased their focus on these sectors because of their vast infrastructure, which underpins internet and communication services for both consumers and businesses.
“Because the disruption of these services has a widespread impact, they make an attractive target for cybercriminals,” he clarifies.
Key factors contributing to the increased targeting include:
- Dependence on networks: The growing reliance on telecommunications for digital transformation initiatives, remote work and online services has intensified their importance.
- More sophisticated attacks: DDoS attacks against these carriers have become particularly prevalent, leveraging sophisticated, multi-vector approaches and amplification techniques to overwhelm their networks. For example, Domain Name System (DNS) and Transmission Control Protocol (TCP)-related vectors remain common in these attacks.
- Cybercrime motivations: Telecommunications carriers possess significant amounts of personal and business data, making them lucrative targets for ransomware attacks or data breaches aimed at extracting financial gains or sensitive information.
Local cybercrime aligns with global trends
NETSCOUT’s 1H2024 DDoS Threat Intelligence Report encompassed data sourced from a number of countries across Africa, which showed that the global trends towards increased incidents within the local telecommunications space are reflected locally too.
In fact, wireless telecommunications carriers were ranked as the most targeted industry for several countries, including South Africa (54,455 attacks), Mauritius (30,039), Morocco (16,461), Mozambique (1,902), Uganda (978), Benin (196), Côte d’Ivoire (175), Lesotho (128), Senegal (107), Tanzania (99), the Democratic Republic of Congo (52), Mali (32), Guinea (19), Cameroon (16), Ethiopia (8), Rwanda (3), and Liberia (3).
Countries including Kenya (18,739 attacks), Egypt (4,910), Tunisia (574), Ghana (112), Zimbabwe (15), and Zambia (1) listed wireless carriers as their second most targeted sector, with Nigeria rating it as the third most targeted vertical, with 73 attacks.
Wired telecommunications carriers, on the other hand, were the most targeted sector in Egypt, with 28,536 DDoS attacks within the first six months of 2024, followed by Kenya (19,542), Tunisia (3,529), Algeria (411) and Libya (113). This subsector was also ranked as having the second and third highest number of incidents in Morocco (6,022), Angola (293), Uganda (66), Cameroon (15), Benin (11), Tanzania (7), Cote de Ivoire (5), Namibia (2), and the Democratic Republic of Congo (1).
The best way for organisations across all verticals to combat threats is to be well-educated, ensure the viability of their networks and protect against future attacks, says Hamman. “Likewise, it’s vital to have the ability to detect anomalous behaviour as it’s happening on the network – a sign that you may be under attack from a previously unknown vulnerability.”
Also Read: A wake-up call for businesses – assessing the true cost of major network or application failures
