Kenya Battles Unprecedented Surge in AI-Driven Cyber Threats
Kenya is facing an unprecedented wave of cyber threats, with over 2.5 billion incidents detected in just the first quarter of 2025. This marks a staggering 202% increase from the previous quarter and the highest number ever recorded in a single quarter, according to the Communications Authority of Kenya (CA) through its National Kenya Computer Incident Response Team Coordination Centre (KE-CIRT/CC).
The surge is attributed to increasingly sophisticated cybercriminals who leverage artificial intelligence (AI) and exploit vulnerabilities in mobile applications, Internet of Things (IoT) devices, and inadequately secured systems.
The CA’s data indicates that system-based attacks dominated the threat landscape, accounting for more than 2.47 billion of the total incidents. Other major threats included phishing, malware, Distributed Denial-of-Service (DDoS) attacks, and brute force login attempts. Cybercriminals are not only increasing the volume of attacks but are also evolving their methods.
The widespread adoption of generative AI tools has enabled more realistic phishing schemes, deepfake scams, and ransomware payloads, further complicating threat detection and response efforts.
A growing concern for Kenya’s cybersecurity experts is the proliferation of AI-enhanced ransomware and the use of IoT devices, such as smart home systems and unpatched industrial sensors, to launch stealth attacks.
According to security analysts, criminal groups like FunkSec have adopted Ransomware-as-a-Service (RaaS) models, making it easier for less-skilled hackers to conduct devastating cyber operations. Kenya and Turkey have emerged as Africa’s top targets for web-based attacks, with Kenya alone accounting for over 20% of incidents reported on the continent in early 2025.
Despite Kenya’s significant progress in digital transformation—including digitized government services, mobile banking, and a thriving fintech ecosystem—its rapid digitization has not been matched by equivalent cybersecurity measures.
Vulnerability levels in widely used platforms like eCitizen and mobile money services like M-Pesa remain high due to inconsistent software patching, limited investment in system upgrades, and a general lack of cyber awareness among users and institutions alike.
The Communications Authority and KE-CIRT/CC have responded by scaling up real-time monitoring and issuing advisories to critical institutions, but challenges persist. The government’s National Cybersecurity Strategy (2022–2027) outlines a multi-pronged approach involving capacity building, legal frameworks, improved coordination, and international cooperation.
The National Cyber Command Centre, established in partnership with the Kenya Defence Forces, has also enhanced national response capabilities, while programs like Huawei’s cybersecurity academy and local hackathons are helping nurture a new generation of security professionals.
Nonetheless, experts warn that more must be done. Public awareness remains low, with many Kenyans still falling for phishing scams, fake job offers, and fraudulent investment links. According to cybersecurity researchers, nearly one-third of all global cyberattacks are caused by unpatched known vulnerabilities—an issue that continues to plague both public and private systems in Kenya.
Industry observers and cybersecurity consultants advocate for the immediate adoption of zero-trust architecture, stronger vendor risk management, and nationwide cybersecurity education campaigns. There is also a call for mandatory patching protocols for public institutions and regulated sectors, as well as better protections for IoT devices, which have become key entry points for malicious actors.
Kenya’s cyber landscape in 2025 reflects a global trend: as nations embrace digital transformation, they also expose themselves to evolving cyber risks. With over 2.5 billion threats recorded in just three months, the message is clear—Kenya must accelerate its investment in AI-powered defenses, build a resilient cybersecurity workforce, and establish a culture of digital vigilance across all sectors.
Failure to act decisively risks undermining the country’s technological progress and exposing millions of citizens and businesses to devastating cyber harm.

