A nationwide wave of distributed denial-of-service (DDoS) attacks disrupted normal service in South Africa, affecting major hosting providers and internet businesses.
Major stakeholders in South Africa’s internet community are criticising the government for its silence on the matter and for poor cybersecurity oversight. Major hosting providers such as 1-grid, Xneelo, Network Platforms, Host Africa, and Domains.co.za all experienced downtime, and tens of thousands of businesses were affected downstream.
“If this had happened in the UK, the US or Australia, there would already be a government-level task team … actively assisting the affected centres, exchanging indicators of compromise with foreign counterparts and issuing public technical advisories within 24 hours,” a specialist told Newsmen.
While some industry stakeholders blame the government for its poor response to the issue, others believe it is an industry matter to be handled internally without government intervention.
The South African Government has since responded to the issue via its communications minister, quelling tensions and providing much-needed answers on the development.
South Africa’s Communications Minister, Solly Malatsi, said he is engaging with a senior official, Khumbudzo Ntshavheni, on a coordinated approach to the matter.
“I am aware of the large-scale distributed denial-of-service attacks that have targeted South African web hosting and telecommunications companies over the past week and note the concern this has raised among businesses and the public,” Malatsi said.
“I am engaging with the minister in the presidency to ensure a coordinated whole-of-government approach to monitoring these attacks and implementing concomitant responses within the prescriptions of applicable legislation, including the Cybercrimes Act, given that the mandate for that lies with her department.”
According to Malatsi, the Cybercrime Act is under the purview of Ntshavheni’s office, and he has oversight of the State Security Agency.
Samantha Moloi, an advocate at Thulamela Chambers, whose practice covers cybersecurity, AI law and technology, commented on the issue, harping on the lapses of the South African government
According to Moloi, the country has the legal architecture but lacks the practical capacity to respond adequately to a national-scale attack. At the time of the report, it remains unclear whether the South African government will take any action beyond the coordinated response led by Communications Minister Khumbudzo Ntshavheni.
What is a DDoS Attack
A Distributed Denial of Service (DDoS) attack is a cyberattack in which thousands of compromised internet-connected devices, collectively known as a botnet, simultaneously flood a target website or server with overwhelming volumes of fake traffic, rendering it inaccessible to legitimate users.
The attack is typically carried out by malicious actors. They secretly infect computers, smartphones, and IoT devices with malware, then hijack them remotely.
Motivations include competitive sabotage, political activism, extortion, or simple digital vandalism. The sheer volume of simultaneous requests collapses the server’s capacity to respond.
Get passive updates on African tech & startups
View and choose the stories to interact with on our WhatsApp Channel
ExploreLast updated: May 25, 2026
