NAIROBI, Kenya, June 20 – Kenya detected 3.37 billion cyber threat events in the first three months of 2026, highlighting the growing sophistication of cyberattacks targeting critical sectors despite an overall decline in reported incidents.
According to the latest report by the Communications Authority of Kenya, the National Kenya Computer Incident Response Team Coordination Centre (KE-CIRT/CC) recorded 3.37 billion cyber threat events between January and March 2026, representing a 26.15 percent decline from the previous quarter.
The authority also issued 20.58 million cyber threat advisories during the period, a 5.7 percent decrease compared to the October–December 2025 quarter, as it continued to alert organizations and internet users on emerging cyber risks.
The report attributes the persistent threat landscape to inadequate system patching, low cybersecurity awareness, phishing and social engineering attacks, as well as the increasing use of artificial intelligence and machine-learning tools by cybercriminals.
System attacks remained the most prevalent threat category, accounting for more than 3.23 billion incidents. These attacks primarily targeted critical information infrastructure, including operating systems, databases, network devices and web applications.Internet service providers, cloud service providers and healthcare institutions were among the sectors most affected by system attacks.
Malware attacks ranked second, with 68.7 million attempts recorded during the quarter, marking a 3.08 percent increase from the previous reporting period. The attacks largely targeted internet service providers, cloud providers and government systems through end-user devices, internet-of-things equipment, email systems and remote access tools.
Brute-force attacks also rose, increasing by 8.41 percent to 46.4 million attempts as cybercriminals sought to exploit weak passwords, compromised credentials and poorly configured remote access systems.
Web application attacks climbed 4.71 percent to 12.1 million incidents, with attackers exploiting vulnerabilities in authentication systems, web browsers and database servers.
Despite the rise in several attack categories, the report recorded declines in others. Mobile application attacks fell by 29.18 percent to 219,549 incidents, while Distributed Denial-of-Service (DDoS) attacks dropped sharply by 85.93 percent to 8.2 million cases.
The authority noted that cybercriminals continue to focus on sectors handling large volumes of sensitive data, including government agencies, educational institutions, financial institutions and telecommunications companies.
Cryptocurrency exchanges, forex trading platforms and online gambling websites were also identified as increasingly attractive targets for cyber attackers as digital services continue to expand.
