Kenya faced a significant volume of cyber threats between July and September 2025, totaling 842 million over the three-month period. This represented a substantial 81.64% decrease in detected threats compared to the previous quarter (April to June).
System Attacks dominated the landscape, accounting for an overwhelming 776.5 million incidents. Other major threats included Malware Attacks at over 31.6 million, Brute Force Attacks exceeding 18.8 million, and Web Application Attacks at 10.4 million.
Distributed Denial of Service (DDoS) Attacks were recorded at nearly 4.8 million, while Mobile Application Attacks were the least frequent, detecting 76,891 incidents.
Several factors drive this threat environment. These Cyber Threat Factors include inadequate system patching, limited user awareness regarding social engineering like phishing, and the growing adoption of AI-driven attacks and machine learning technologies by malicious actors.
Addressing these foundational weaknesses is crucial for enhancing the country's overall cybersecurity posture.
