- Wired telecommunications faces the most impact, followed by wireless telecommunications, Data processing and hosting services.
- Government services rose to second place following the outbreak of the Israel-Palestine conflict in October 2023, attributed to hacktivism, APT activity and state-sponsored cyber groups.
- Healthcare industry experienced the highest year-on-year growth in attacks at 174%, followed by transportation at 116%.
The telecommunications sector remains the most targeted vertical (21 per cent share) of all DDoS attacks in 2023 in the Middle East and North Africa region (MENA), registering an 83 per cent year over year increase, according to cybersecurity solutions provider StormWall report.
Within this sector, wired telecommunications faced the most impact, followed by wireless telecommunications.
Data processing and hosting services ranked third while satellite and other telecommunications services were significantly less targeted.
However, government services (18 per cent attack share) have now risen to second place following the outbreak of the Israel-Palestine conflict in October 2023, attributed to hacktivism, APT activity, and state-sponsored cyber groups.
“The most targeted verticals shifted after the conflict began. In the first half of 2023, most attacks in MENA were initiated by for-profit hackers, rather than hacktivists. They mainly targeted e-commerce, fintech, transportation, oil and gas, and manufacturing industries for monetary gain,” the report said.
By the end of the year, the report stated that the situation flipped and saw more DDoS attacks by hacktivists, who bombarded healthcare, education and government industries with malicious traffic.
Immediately after the conflict began there was a spike in attacks on government services, healthcare (174 per cent year-on-year increase), and education (106 per cent year-on-year increase), mainly due to the massive growth in DDoS traffic that became concentrated around critical infrastructure and government services.
In Israel, the Electric Company, the Jerusalem Post, the Shabak official website, the Bank of Jerusalem, and The Israel Internet Association, which is responsible for managing “.il” domain names, were all hit hard, leading to temporary disruptions in service — and this represents just a small section of a much longer list of targets.
However, the conflict spilt beyond regional boundaries — many attacks were attributed to APTs, state-sponsored groups, and activists from Indonesia, Sudan and Iran.
The healthcare industry in MENA experienced the highest growth in attacks at 174 per cent year-over-year, followed by transportation at 116 per cent.
In examining the geographical distribution of DDoS attacks, the top 5 most attacked countries collectively accounted for 77 per cent of DDoS traffic in the MENA region.
The list includes the United Arab Emirates (26 per cent share), Saudi Arabia (18 per cent share), Kuwait (16 per cent share), Qatar (9 per cent share), and Bahrain (8 per cent share).
In 2023, many businesses from Russia relocated to the UAE and other business-friendly hubs to escape economic sanctions. This not only required them to rebuild their digital infrastructure — providing hackers with opportunities to exploit — but also drew the attention of hacktivists. Israel (7 per cent share), Iran (6 per cent share), and Palestine (4 per cent share) also hold significant shares, with Palestine’s inclusion being notable given its small geographical size.
High spots for these countries on the list illustrate the active involvement of hacktivists in these regions, receiving more DDoS traffic than some significantly larger nations.
Middle East on radar
Countries that did not make it onto the list, receiving less than 1 per cent of DDoS traffic, include Egypt, Iraq, Syria, Cyprus, Libya, and Oman.
In 2023, DDoS attacks in the Middle East and North Africa increased by 126 per cent compared to last year. This is an unprecedented figure and the region has never had to deal with so much malicious traffic
“DDoS Attacks in MENA are growing in sophistication as hacktivists and APTs become more active: out of all DDoS attacks, 67 per cent were multivector — an increase of 118 per cent compared to 2022,” the report said.