Image credit: Getty images
Kenya experienced 114 cyber-attacks targeting critical information infrastructure (CII) from January to August 2024. This was revealed in the annual report on the State of National Security for September 2023 to August 2024, presented by President William Ruto during his State of the Nation address.
The report highlighted the dual impact of rapid technological advancements: significant contributions to socioeconomic growth and the rise of new cyber threats. Anonymity enabled by digital tools has allowed state and non-state actors to exploit cyberspace for espionage, disruption, and financial fraud.
President Ruto described the cybersecurity landscape as “volatile,” driven by increased digitization and the migration of public services online. The reliance on web-based platforms has exposed institutions and individuals to malware, social engineering, and scams.
Artificial intelligence (AI) was noted as both an enabler and a challenge. While AI enhances operational efficiency, it introduces complexities that cybercriminals exploit to compromise security. Similarly, the growth of Internet of Things (IoT) devices and outdated software has exacerbated vulnerabilities.
Also read: Top 5 Cybersecurity Predictions for 2025
Government’s Response
To counter rising cyber threats, Kenya has implemented several measures:
- Regulations: Introduction of the Computer Misuse and Cybercrime Management Regulations (2024) to enhance information sharing and incident response.
- Multi-Agency Collaboration: Partnerships between the government, national entities, and international organizations to bolster cybersecurity efforts.
- KE-CIRT/CC: The establishment of the Kenya Computer Incident Response Team under the Communications Authority to monitor threats.
- Capacity Building: Investments in modern tools, expertise, and training for law enforcement and cybersecurity units.
President Ruto also stressed the need for public awareness to combat poor cybersecurity practices like weak passwords and outdated systems.
Also read: Kenya detected 1.1 billion cyber threat events in its latest cybersecurity report
Cyber Threat Detection Statistics
The Communications Authority’s Cyber Security Report revealed that from July to September 2024, KE-CIRT/CC detected 657.8 million cyber threats, marking a 41.87% decrease from the 1.13 billion threats observed between April and June.
Despite the decline, there was a rise in system attack advisories, which increased by 2.51% during the same period, reaching over 9.58 million. The advisories emphasized steps such as regular system updates, multi-factor authentication, and the use of strong passwords to mitigate risks.
Kenya’s cybersecurity focus remains on safeguarding critical infrastructure while addressing emerging risks associated with AI, IoT, and other technologies.
About Author
