The Communications Authority of Kenya (CA) has reported a 27.83% increase in cyber threats from October to December 2024 according to its current cybersecurity report.
Between July and September 2024, cyber threat cases decreased to 657.8 million, down from 1.1 billion reported between April and June, marking a nearly 42% drop.
Fast forward to the current report from the Authority, over 840 million cyber threat events were detected during the three-month period between October to December 2024, which represented a 27.82% increase from the threat events detected in the previous period, July – September 2024.
Among the attack vectors, Distributed Denial of Service (DDoS) attacks had a significant spike in compromising access to critical public ICT infrastructure from 1,826,259 to 15,095,217 attacks.
This represents a 726.57% increase from the previous period, July to September 2024.
Most of the attacks (DDoS) targeted the health sector and government systems whereby attackers exploited vulnerabilities in insecure protocols and remote desktop service, with the aim of amplifying requests to legitimate servers thus denying legitimate users access to services.
Web application attacks rose to 29.04%.
The Authority recorded 4,542,939 web application attack attempts targeting critical information infrastructure with the top victims being the Government, Internet Service Providers (ISPs), cloud service providers, and academia.
System attacks saw a 28.91% rise with most attacks targeting database servers and operating systems belonging to ISPs and cloud service providers.
Brute force attacks detected (34,784,028) were less than that of the previous period (38,135,186), representing an 8.79% decrease.
What happens next?
The Authority, in collaboration with the African Union Commission, the European Union, the Council of Europe (GLACY-e project), and other stakeholders, will host the 3rd African Forum on Cybercrime in Nairobi in March 2024.
The forum will focus on addressing emerging cybersecurity threats by identifying effective strategies to combat cybercrime.
It will serve as a platform for sharing insights on new threats, trends, and responses, promoting a more unified approach across Africa.
Delegates will also gain a deeper understanding of policies, legislation, and tools to enhance cybercrime enforcement at domestic, regional, and international levels.
About Author
