Kenya was identified as one of the most targeted countries by web-based threats in the Middle East, Türkiye, and Africa (META) region during the first quarter of 2025, according to new findings by Kaspersky.
The report shows that 20.1 per cent of users in Kenya were affected, second only to Türkiye’s 26.1 per cent.
While Jordan, Egypt, the UAE, and Saudi Arabia reported the lowest user targeting rates in the region, Kaspersky warned that ransomware remains one of the most dangerous threats globally, with its use evolving rather than declining.
“Ransomware is one of the most pressing cybersecurity threats facing organizations today, with attackers targeting businesses of all sizes and across every region, including META,” said Sergey Lozhkin, Head of the META and APAC regions in Kaspersky’s Global Research and Analysis Team.
Globally, the share of users affected by ransomware grew slightly to 0.44 per cent, while in the Middle East, it rose to 0.72 per cent.
Read More
Africa’s share increased marginally to 0.41 per cent. In Türkiye, it reached 0.46 per cent. Kaspersky linked the spike in ransomware in the Middle East to rapid digital expansion and varied cybersecurity maturity.
In Africa, the slower growth was attributed to lower digitisation and fewer high-value targets—though countries like Nigeria and South Africa are seeing a rise as their digital economies grow.
One major shift is the use of artificial intelligence by ransomware groups. Kaspersky cited FunkSec, a group that emerged in late 2024, as an example.
FunkSec leverages AI-generated code—believed to be created using large language models (LLMs)—to develop ransomware capable of evading detection.
“There is also shift toward exploiting overlooked entry points — including IoT devices, smart appliances, and misconfigured or outdated workplace hardware. These weak spots often go unmonitored, making them prime targets for cybercriminals,” Lozhkin added.
In Kenya, the Communications Authority's National KE-CIRT/CC reported 2,538,283,798 cyber threat events during the same three-month period—more than triple the number recorded in the previous quarter. The agency issued 13,227,909 cyber threat advisories, representing a 14.18 per cent increase.
According to the Authority, the highest volume of threats came from system attacks, which reached over 2.47 billion. Other major threats included brute force attacks (33.8 million), malware (24.5 million), web application attacks (5 million), and DDoS attempts (3.6 million).
Mobile application attacks dropped to 68,063, marking a 50.74 per cent decline from the previous quarter.
The Director General of the Communications Authority, David Mugonyi, warned that the evolving digital landscape demands urgent and coordinated responses.
"Threats such as ransomware, Distributed Denial of Service (DDoS) attacks, social engineering and phishing scams, and system misconfigurations remain at the forefront of security concerns. These threats not only disrupt business operations but also compromise data privacy, undermine user trust and cause significant financial and reputational damage," Mugonyi stated.
He added that AI, botnets, and insecure IoT devices are accelerating threat trends, and that strengthening cybersecurity must be seen as a collective responsibility.
“With the right mindset and commitment, we can turn these challenges into opportunities for growth and innovation,” Mugonyi said.
The KE-CIRT/CC has recommended stricter access controls, regular system patching, improved endpoint security, and heightened awareness training as critical steps to mitigating cyber risks.
The Authority’s 2023–2027 strategic plan prioritises enhancing threat detection, public awareness, and industry-wide collaboration to secure Kenya’s digital future.
 (2)-1747307118.jpg)
