Kenya Records Over 842 Million Cyber Threats in Q3 2025, Advisories Surge
The Communications Authority of Kenya’s National KE-CIRT/CC recorded over 842 million cyber threat events between July and September 2025, representing an 81.64% decrease compared to the previous quarter. During the same period, the Authority issued 19,951,546 cyber threat advisories, a 15.53% increase from April–June 2025. The majority of detected threats were linked to inadequate system patching, limited user awareness of social engineering tactics, and the increasing use of AI and machine learning by malicious actors. The advisories emphasized regular patching, implementation of Multi-Factor Authentication (MFA), strong password policies, and properly configured firewalls and antivirus software.
Globally, the cyber threat landscape remained heightened and increasingly sophisticated. Threats were largely driven by ransomware, Distributed Denial-of-Service (DDoS) attacks, and social engineering, often leveraging AI, large language models, and deepfakes. Critical Information Infrastructure (CII) across sectors such as e-government, ICT and telecommunications, and banking and finance continued to be prime targets. Emerging risks included Advanced Persistent Threats (APTs), supply chain attacks, and exploitation of zero-day vulnerabilities. The National KE-CIRT/CC observed a strong alignment between global and national cyber threat tactics, techniques, and procedures (TTPs).
In Kenya, the most prevalent threat vectors were System Attacks, with 776,542,757 incidents detected, followed by Malware Attacks (31,676,444) and Brute Force Attacks (18,811,738). Despite this, the most frequent advisories were issued for Web Application Attacks (9,357,296) and System Attacks (7,456,782). Key targets included end-user devices, Internet of Things (IoT) devices, web applications, and networking devices. The industries most affected were Internet Service Providers (ISPs), cloud service providers, government institutions, and academia.

