Kenya's cyber threats soar 202 per cent in Q1, hitting 2.5 billion
The spike marks one of the sharpest increases in recent years, and signals growing vulnerabilities across critical sectors, including finance, telecommunications and government systems.
Kenya is experiencing a rise in cybercrime, with cybersecurity threats soaring sharply during the first three months of the year.
Latest sector statistics by the Communications Authority of Kenya (CA) show the number of threats rose by 201.7 per cent to 2.5 billion from 840.9 million in the preceding quarter.
More To Read
- Were Judiciary staff locked out by hackers seeking to stall IEBC appeal?
- AI won’t replace computer scientists any time soon – here are 10 reasons why
- Kenya acquires advanced cyber tools sparking privacy concerns
- Six suspects arrested in Mombasa in multi-million cybercrime bust
- Kenya records surge in cybercrime with 82 per cent targeted, gaming sector most hit - report
- Google Chrome to automatically replace weak passwords in major security upgrade
The spike marks one of the sharpest increases in recent years, and signals growing vulnerabilities across critical sectors, including finance, telecommunications and government systems.
Consequently, the number of cybersecurity advisories issued also increased.
“A total of 13.2 million advisories were issued in response to the cyber threats detected, representing a 14.2 per cent increase compared to 11.6 million advisories issued last quarter,” CA says.
Notably, the system vulnerabilities category saw the sharpest increase, with threats rising to 2,470 million, a 228.3 per cent jump from 752.4 million recorded in the previous quarter.
System vulnerabilities involve different types of weaknesses that attackers can exploit, such as flaws in software, hardware, networks, configurations, or authentication processes.
They include issues like unpatched software, weak passwords, insecure network settings, or outdated encryption methods, all of which expose systems to cyber threats.
It is closely followed by web application attacks, which also rose by 11.8 per cent, reaching 5.08 million threats, up from 4.54 million in the previous quarter.
These attacks target vulnerabilities in websites or online applications to gain unauthorised access, steal data, or disrupt services.
Conversely, the number of threats from Distributed Denial of Service (DDoS), mobile application attacks, malware and brute force attacks declined during the quarter.
These by 76, 51, 28 and three per cent, respectively.
The rise in cyber threats comes amid increasingly sophisticated cyber gangs, who now take less than a week to execute attacks, targeting the rapidly expanding digital market.
A study by the international lobby group, World Economic Forum (WEF), reveals that the average number of days taken by cyber criminals to execute a single attack has moved from around 60 days in 2019 to four today.
The lobby attributes the development to the fast-growing artificial intelligence (AI), which is potentially increasing the number and frequency of attacks.
"Threat actors are already using AI-powered language models like ChatGPT to write code. Generative AI is also helping the less proficient threat actors create new strains and variations of existing ransomware, increasing the number of attacks they can execute," the lobby says.
"We, therefore, expect an increased utilisation of AI by malicious actors in the future, necessitating even stronger cybersecurity measures."
The lobby also reiterates the concern over the increasing number of people owning smartphones, tablets and laptops, terming it an attractive combination for cybercriminals.
Top Stories Today
