By Benadeta Mwaura - Reporter
Kenya, June 20, 2026 - Kenya recorded 3.37 billion cyber threat events between January and March 2026, underscoring the growing sophistication of digital attacks targeting critical infrastructure despite an overall decline in reported incidents.
According to the latest quarterly sector statistics report released by the Communications Authority of Kenya (CA), the National Kenya Computer Incident Response Team Coordination Centre (KE-CIRT/CC) detected 3.37 billion cyber threat events during the first quarter of 2026, representing a 26.15% decline compared to the October–December 2025 period.
The Authority issued 20.58 million cyber threat advisories during the quarter, down 5.7% from the previous reporting period, as it continued to warn organisations and internet users about emerging cyber risks.
The report attributes the persistent threat environment to inadequate system patching, low cybersecurity awareness, phishing and social engineering attacks, as well as the growing use of artificial intelligence and machine learning tools by cybercriminals.
System attacks remained the most prevalent threat category, accounting for more than 3.23 billion incidents, or approximately 96% of all detected threats. These attacks primarily targeted critical information infrastructure, including operating systems, databases, network devices, and web applications.
Internet service providers, cloud service providers, and healthcare institutions emerged among the most affected sectors.
Malware attacks ranked second, with 68.7 million attempts recorded during the quarter, marking a 3.08% increase from the previous reporting period. According to the Communications Authority, attackers increasingly targeted end-user devices, internet of things (IoT) equipment, email systems, and remote access tools used by internet service providers, cloud providers, and government institutions.
Brute-force attacks also increased by 8.41% to 46.4 million incidents as cybercriminals sought to exploit weak passwords, compromised credentials, and poorly configured remote access systems.
Web application attacks rose by 4.71% to 12.1 million incidents, with threat actors exploiting vulnerabilities in authentication systems, web browsers, and database servers.
More from Kenya
Despite the rise in several attack categories, the report recorded notable declines in others. Mobile application attacks fell by 29.18% to 219,549 incidents, while distributed denial-of-service (DDoS) attacks dropped sharply by 85.93% to 8.2 million cases.
The Communications Authority noted that cybercriminals continue to focus on sectors that handle large volumes of sensitive data and provide essential services. Government agencies, educational institutions, financial institutions, and telecommunications companies remain among the most attractive targets for cyber attackers.
The report also identified cryptocurrency exchanges, foreign exchange trading platforms, and online gambling websites as emerging high-risk sectors as digital services continue to expand across the country.
Kenya has accelerated its digital transformation agenda in recent years, increasing the adoption of cloud computing, mobile payments, e-government services, and internet-connected devices. However, experts warn that rapid digitisation has also expanded the country's cyber risk exposure.
The Communications Authority urged organisations to strengthen cybersecurity measures by prioritising regular system updates, enhancing employee awareness, implementing robust access controls, and adopting proactive threat monitoring systems.
The latest findings highlight the need for continued investment in cybersecurity capabilities as Kenya seeks to protect critical infrastructure and maintain trust in its rapidly growing digital economy.