ngCERT warns of escalating DDoS attacks targeting Nigeria’s critical infrastructure
The Nigeria Computer Emergency Response Team has issued a fresh alert to organisations across Nigeria’s critical sectors, warning of a sustained and intensifying wave of Distributed Denial-of-Service (DDoS) attacks disrupting digital infrastructure.
The Nigeria Computer Emergency Response Team has issued a fresh alert to organisations across Nigeria’s critical sectors, warning of a sustained and intensifying wave of Distributed Denial-of-Service (DDoS) attacks disrupting digital infrastructure.
In the advisory, ngCERT said threat actors are increasingly deploying sophisticated techniques, including botnets, amplification methods, and the exploitation of known vulnerabilities, to overwhelm systems and render essential services inaccessible.
The agency noted that both government and private sector platforms are at risk as attackers refine their methods.
DDoS attack is a malicious attempt to disrupt a server, service, or network by overwhelming it with a flood of Internet traffic, making it unavailable to legitimate users.
According to the agency, the evolving nature of DDoS attacks has made them more complex and harder to mitigate.
The advisory also highlighted the use of reflection and amplification techniques leveraging services like DNS, NTP, and Memcached, significantly increasing the volume and impact of malicious traffic directed at target systems.
The agency warned that successful attacks could have far-reaching consequences for Nigeria’s economy and national security. These include prolonged service outages, financial losses arising from operational disruptions and mitigation efforts, and weakened resilience of critical infrastructure.
Beyond immediate operational impacts, ngCERT noted that such attacks could damage corporate reputations and erode public trust in digital systems. In some cases, DDoS incidents may also serve as a diversionary tactic, masking more severe cyber threats such as ransomware deployment or data exfiltration.
Organisations may also face regulatory and compliance risks if they fail to implement adequate cybersecurity measures in line with national standards.
To address the growing threat, ngCERT urged organisations to strengthen their cybersecurity posture and align their response strategies with national incident response frameworks.
The ngCERT warning comes weeks after the Nigeria Data Protection Commission (NDPC) raised concerns over coordinated cyber threats targeting Nigeria’s financial systems and key digital infrastructure.
NDPC said its technical assessment revealed that “shadowy threat actors” have launched coordinated operations aimed at critical systems in the country.
The Commission had urged organisations handling personal data to urgently improve both technical and organisational safeguards to protect Nigerians and other data subjects from privacy breaches and cyber risks.
