Kenya’s cyber threats surge 441% in three months as defence gap widens

Kenya absorbed 4.6 billion cyber threat events in the three months to December 2025, the sharpest quarterly escalation the country’s computer incident response centre has recorded in at least three years, according to a Communications Authority of Kenya (CA) report reviewed by TechCabal.

The surge from 842 million events in the previous quarter represents a 441.3% kump in a single reporting period. The numbers represent the sharpest test yet of whether Kenya’s cybersecurity infrastructure can keep pace with its digital economy. 

The numbers are stark across every threat category. System vulnerabilities, the largest category by volume at 4.37 billion events, rose 463.4%. Mobile application attacks climbed 303.2%.

Distributed Denial-of-Service (DDoS) incidents, which overwhelm websites and servers with traffic until they go offline, grew 1,116.7% quarter-on-quarter. This is the fastest acceleration among all threat vectors in the report.

Yet the advisory response to DDoS totalled just 1.34 million out of 21.8 million total advisories issued during the period. That mismatch between threat velocity and regulatory attention is the structural gap at the centre of Kenya’s cyber posture.

Authorities attributed the rise in threat volumes partly to the exploitation of AI-driven tools by malicious actors, a pattern that has accelerated since 2023. The CA’s own report cites AI and machine-learning exploitation as a primary driver of the latest surge, alongside inadequate patching and low user awareness of social-engineering vectors.

The current spike did not arrive without warning. The National Kenya Computer Incident Response Coordination Centre (KE-CIRT/CC) detected 657.8 million threat events in July-September 2024, a 41.87% jump from the previous quarter, indicating a steep trajectory. 

Kenya recorded 2.54 billion cyber threat events in the first quarter of 2025, a 201.7% surge from the prior period. The December quarter’s 4.6 billion is another doubling.

The country lost an estimated $83 million to cybercrime in 2023, placing it second in Africa behind Nigeria’s $1.8 billion. Its fintech sector is projected to reach $1.5 trillion in payments by 2030, a scale that makes the advisory gap a financial stability concern, not just a technical one.

M-PESA alone processes more than 100 million transactions daily, across infrastructure that sits atop the same networks these attacks target.

“Key measures for mitigating emerging cyber threats may be achieved through the implementation of multi-factor authentication with comprehensive password policies, proper network firewall and antivirus software configuration, and continuous enhancement of advisories to emphasise regular system and application patching,” the CA recommended in the report.