Kenya recorded cyber-related losses of KSh 29.9 billion this year as attacks grew in frequency, sophistication and economic impact, according to a new industry assessment by cybersecurity firm Serianu.
- •The Africa Cybersecurity Report 2025, based on responses from 280 organisations, places continent-wide losses at KSh 650 billion (USD 5 billion).
- •Payment fraud remained the most common incident category, fuelled by real-time transfers, weak monitoring tools and rampant social-engineering attacks.
- •Online and email fraud accounted for 40 per cent of all incidents and 32 per cent of recorded losses, underscoring persistent identity-management gaps.
The report adds that threat actors are increasingly deploying coordinated, AI-enabled operations that blend phishing, credential theft and ransomware across financial and public-sector systems.
Secretary to the Cabinet Mercy Wanjau says the government is setting up a Government Security Operations Centre (SOC) to centralise national cyber-monitoring and incident response.
“This security operations centre will bring together monitoring, analysis and response across ministries, departments and agencies,” she said. “It will enable faster detection of incidents, more efficient communication during crises, and more consistent protection of citizen-facing services.”
She noted that as Kenya digitises healthcare, education, taxation and identity systems, protecting personal data remains a priority. “Trust is the currency of the digital age, and we must earn that trust every day,” she said.
Government Websites Hit in Coordinated November Attack
Her remarks come weeks after a coordinated cyberattack in November disrupted access to multiple government websites. According to local media reports, official portals of key ministries, including Health, Education, Labour, Environment, ICT, Tourism, Energy, Water and Interior, were taken offline after attackers defaced pages and replaced content with unauthorised material.
Visitors encountered altered pages displaying messages such as “Access denied by PCP” and “We will rise again.” No group has claimed responsibility, and authorities have yet to issue an official statement or timelines for restoring full service.
This latest incident follows a series of attacks in recent years. In July 2023, the government’s e-Citizen platform suffered a major cyber breach that disrupted services at the National Transport and Safety Authority (NTSA), Kenya Power (KPLC) and Kenya Railways.
Serianu Chief Executive Officer William Makatiani said the 2025 findings highlight the need for organisations to move from reactive controls to resilience-focused strategies.
“The rate at which organisations are investing is improving, but attackers are advancing even faster,” he said. “Artificial Intelligence has emerged as a central countermeasure, but it also forces us to rethink how we defend systems and data.”
The report notes that marketplace scams, e-commerce manipulation and fake platform activity continue to rise, while supplier-invoice redirection, impersonation schemes, SIM-swap and mobile-money fraud remain widespread despite improved controls.
Serianu says organisations that strengthen identity governance, improve visibility and invest in recovery readiness, including AI-driven monitoring and automated patching, can sharply reduce both incident frequency and financial exposure.
