Kenya finds itself grappling with an unprecedented surge in cyber threats. In 2018, the country recorded 7.7 million cyber-attacks, a number that has escalated dramatically to a staggering 444 million in 2023. This alarming increase has propelled Kenya into the top three most targeted countries in the region, alongside South Africa and Nigeria.
New data provided by the National Kenya Computer Incident Response Team – Coordination Centre (National KE-CIRT/CC) from the third quarter of fiscal year 2022/2023 paints a vivid picture of the challenges faced by Kenyans in the digital realm. A staggering total of 187,757,659 cyber threats were detected during this period, prompting authorities to issue 3,584,966 cybersecurity advisories. This multi-agency team acts as the primary point of contact for cybersecurity matters in Kenya and plays a pivotal role in managing and coordinating the nation’s cyber security efforts.
Of particular concern is the prevalence of malware threats, which comprised a significant portion of the detected risks. Over 26.4 million malware threats were identified, leading to the issuance of 69,164 advisories. Additionally, Distributed Denial of Service (DDOS) attacks emerged as another potent threat, with 7,613,124 detected instances and 14,888 advisories issued.
Kenyans online were also confronted with 128,514 web application attacks, showcasing the diverse range of threats they are facing. The authorities further discovered a staggering 153,615,491 system vulnerabilities, which can weaken the security of digital systems, rendering them susceptible to various cyber threats. Consequently, 3,479,886 advisories were issued to address these vulnerabilities during the same quarter.
Interestingly, amidst this wave of cyber threats, a recent report indicated a 25 percent drop in cyber attacks on Kenyan firms. As documented in June 2023, cyber attacks on Kenyan firms had witnessed a significant 25 percent decline, dropping to 187.8 million in a three-month span (January 2023 – March 2023). This noteworthy decrease was in contrast to the preceding quarter of the previous year, where 249.99 million attacks were reported, as revealed by a recent report from the Communication Authority of Kenya (CA).
As businesses increasingly embraced online platforms, including e-commerce and remote work arrangements, cyber attackers seized the opportunity to target organisations through their websites. These attacks compelled businesses to bolster their cyber security defenses and adopt proactive measures for anomaly detection.
During the specified period, a total of 26.4 million instances of malware were reported, along with 7 million Distributed Denial of Service (DDOS) attacks. Web application attacks also rose, totaling 128,514 incidents, while system vulnerabilities, amounting to 153.6 million, remained a critical concern.
The Central Bank of Kenya (CBK) had previously cautioned lenders about the susceptibility to cyber attacks and bank-related frauds in 2017.
This rapid shift in the cyber threat landscape highlights the complex and ever-evolving nature of cyber security challenges which governments, businesses, and individuals face in safeguarding their digital assets and the necessity for continuous vigilance and robust cyber security strategies.
Read about the ongoing Cybersecurity Bootcamp and Hackathon envisaged to help guarantee cyber security in Kenya https://theafricanwatch.com/2023/08/07/kenya-strengthens-cyber-security-measures-amidst-rising-threats/