- The Communications Authority of Kenya has revealed that the country lost (Sh10.71 billion) $83 million to cybercrime in 2023.
- This ranks the country second in Africa, trailing only Nigeria with a loss of $1.8 billion (Sh232.2 billion), Uganda with $67 million (Sh8.6 billion), Botswana with $39 billion (Sh5 billion), and Lesotho with $2.3 million (Sh296.7 million).
- Businesses and agencies affected by cyberattacks in Kenya reportedly spent an average of Sh561 million ($4.35 million) to restore their services.
Per the latest cyber security report released by the authority, the National KE-CIRT/CC also detected 1.1 billion cyber threat events, representing a 16.50% rise from the 971,440,345 threat events detected in the previous period (January to March).
The National Kenya Computer Incident Response Team Coordination Centre (KE-CIRT/CC) is responsible for detecting, protecting, and responding to cyber threats.
David Mugonyi, the authority's Director General, acknowledged that many attacks targeted system vulnerabilities. He attributed this to the country's growing use of inherently insecure Internet of Things (IoT) devices, insecure system configurations, out-of-date software, and emerging technologies such as AI.
“Cybercriminals have continued to utilise identity theft and phishing to trick victims into disclosing sensitive information, which can result in grave financial losses. Cyberbullying and cyber harassment are some of the activities that comprise online abuse, amongst other malicious activities,” he added.
Mugonyi stated that localised solutions are critical for dealing with cyber threats specific to Kenya and the region, such as cyberespionage, cyberterrorism, and other specialised threats that global frameworks may not adequately address.
In response to rising cyber threats, the government plans to consolidate all cyber control units across ministries and agencies into a single national entity. This initiative will involve amending the National ICT Policy and updating the National Cybersecurity Strategy to tackle evolving digital security challenges.
Recall that in 2022, Kenya launched its National Cybersecurity Strategy (2022-2027) to bolster cybersecurity governance, enhance legal and regulatory frameworks, build capabilities, reduce cyber risks and crimes, and promote cooperation at national and international levels.
Mugonyi also confirmed that the authority is working with local and international partners to improve the cybersecurity legislative framework and ensure timely, effective resolution of cybercrime incidents.
