Nigeria’s cybersecurity authorities have raised fresh concerns over a growing wave of Distributed Denial-of-Service (DDoS) attacks targeting digital infrastructure across the country, warning that both public and private sector systems are increasingly exposed to sophisticated cyber threats.
The Nigeria Computer Emergency Response Team (ngCERT) issued the alert, noting that threat actors are intensifying their operations through more advanced and coordinated techniques designed to overwhelm networks and disrupt access to essential digital services.
According to the advisory, attackers are now relying on a mix of botnets, traffic amplification methods, and the exploitation of known software vulnerabilities to flood targeted systems with malicious traffic, effectively rendering them inaccessible to legitimate users.
DDoS attacks, which involve overwhelming a server, network, or application with excessive internet traffic, are increasingly becoming more complex in structure and execution, making them harder to detect and mitigate.
ngCERT explained that recent attacks are often multi-layered, combining volumetric assaults that saturate bandwidth, protocol-based disruptions that exploit weaknesses in network infrastructure, and application-layer attacks that mimic legitimate user behaviour to evade detection.
The agency also identified several vulnerabilities commonly exploited in these attacks, including CVE-2018-10561, CVE-2021-44228, CVE-2019-19781, CVE-2018-7600, and CVE-2020-25705. These weaknesses are often used to compromise servers and connected devices, which are then absorbed into botnets used for coordinated large-scale attacks.
In addition, ngCERT highlighted the growing use of reflection and amplification techniques, where services such as DNS, NTP, and Memcached are manipulated to multiply the volume of traffic directed at targeted systems, significantly increasing the scale of disruption.
The agency warned that the consequences of successful DDoS attacks could be severe, ranging from prolonged service outages and financial losses to reputational damage for affected organisations. It also noted that such attacks could weaken public trust in digital systems and disrupt critical economic activities.
Beyond immediate disruption, ngCERT cautioned that DDoS attacks are sometimes used as diversionary tactics, masking more damaging intrusions such as ransomware deployment or data theft. Organisations that fail to implement adequate security controls, it added, may also face regulatory and compliance risks under national cybersecurity standards.
To counter the threat, ngCERT urged organisations to strengthen their cybersecurity posture and align their response strategies with established national incident response frameworks.
Recommended measures include activating incident response protocols, working closely with internet service providers to filter malicious traffic, and deploying dedicated DDoS protection tools such as traffic scrubbing, rate limiting, and advanced filtering systems.
The agency further advised organisations to block malicious IP addresses, restrict unnecessary network traffic, and promptly patch known vulnerabilities, particularly CVE-2021-44228, CVE-2019-19781, and CVE-2018-7600.
Other preventive steps outlined include system hardening, disabling unused services, deploying Web Application Firewalls and Intrusion Prevention Systems, and applying anti-spoofing measures in line with Internet Engineering Task Force Best Current Practices 38.
ngCERT also emphasised the importance of building infrastructure resilience through redundancy, load balancing, and auto-scaling capabilities, while maintaining continuous network monitoring to quickly detect and respond to unusual activity.
