Key Insights and Emerging Threats

Blog By

Brian Marcelino

Cybersecurity & IT Risk Analyst (CITRA)

South-End Tech Limited

As cyber threats evolve, organizations and governments need to stay ahead of malicious actors and safeguard their systems, data, information and users. The Q2 2024-2025 Cyber Security Report by the National KE-CIRT/CC provides valuable insights into Kenya’s growing cyber threat landscape and beyond. This blog post highlights the most critical cybersecurity challenges and provides best practices for mitigating risks.

The Cyber Threat Landscape

Between October and December 2024, the National KE-CIRT/CC identified over 840 million cyber threat incidents, marking a 27.82% increase from the previous quarter. This increase is primarily due to:

  • An increase in AI-driven attacks
  • The growing number of Internet of Things (IoT) devices, many of which are insecure
  • Continued exploitation of system vulnerabilities

Top Cyber Threats in Q2 2024-2025

1. Ransomware Attacks

Ransomware continues to be one of the most destructive cybersecurity threats, with attackers encrypting data and demanding large ransoms. Sectors such as healthcare, finance, and manufacturing experienced major ransomware incidents, some involving ransom demands exceeding $5.2 million per incident.

2. DDoS Attacks

Distributed Denial-of-Service (DDoS) attacks surged by 20-30% globally, primarily targeting critical infrastructure and financial services. Attackers utilized botnets and IoT devices to launch attacks, some exceeding 1 terabit per second (Tbps).

3. Phishing and Social Engineering Tactics

Cybercriminals are using AI to craft highly sophisticated phishing campaigns. Phishing remains a leading attack vector: approximately 90% of cyberattacks begin with phishing or social engineering attempts.

4. System Misconfigurations

Many organizations in Kenya remain vulnerable due to weak passwords, outdated software, and misconfigured security settings. Poor patch management and inadequate access controls continue to be exploited by cybercriminals.

5. Emerging Threats: AI-Powered Cybercrime & Supply Chain Attacks

  • AI-powered cyberattacks: AI-driven malware and phishing schemes accounted for 40-50% of cyberattacks in 2024.
  • Supply chain vulnerabilities: Attacks on third-party vendors and software supply chains increased by 25%.
  • Cloud security risks: Misconfigured cloud services and insecure APIs led to an 18-25% rise in cloud-related breaches.

How Organizations Can Enhance Cybersecurity

In our previous blog, we listed strategies that organizations can implement to mitigate cybersecurity risk. To add to that list:

  1. Implement Multi-Factor Authentication (MFA) – Reduces the risk of unauthorized access.
  2. Regular System Patching and Updates – Fixes security vulnerabilities before they are exploited.
  3. Security Awareness Training – Educates employees on phishing and social engineering tactics.
  4. Zero-Trust Architecture – Limits access based on verification rather than implicit trust.
  5. Use Advanced Threat Detection Tools – AI-powered cybersecurity solutions can help identify and respond to threats faster.

Cybersecurity Capacity Development & Partnerships

The 2024 Africa Cyber Sector Collaboration Symposium, organized by the National KE-CIRT/CC, aimed to strengthen cybersecurity expertise and international cooperation. The event underlined the importance of public-private partnerships (PPPs), AI-powered cybersecurity solutions, and enhanced information-sharing mechanisms.

Looking ahead, the cybersecurity landscape will be shaped by advancements in quantum computing cryptography, the rise of AI-driven cyber threats, and increasing regulatory measures. To stay ahead of emerging risks, organizations must implement proactive security strategies.

Conclusion

With cybersecurity challenges becoming more complex, businesses, governments, and individuals must remain vigilant. The Q2 2024-2025 Cyber Security Report highlights the critical need to reinforce cyber defenses, especially in sectors handling sensitive data and critical infrastructure. By adopting a proactive approach, organizations can better protect their assets and contribute to a safer digital ecosystem.

Please do not hesitate to contact us for your Cybersecurity and Data Protection Solutions and Service needs by telephone at +254115867309, +254721864169 or +254740196519, or by email at bmarcelino@southendtech.co.ke, cybersecurity@southendtech.co.ke or info@southendtech.co.ke.