Password and username attacks hit 46 million cases

Rise in Brute-Force Cyberattacks in Kenya
Kenya has witnessed a significant surge in brute-force cyberattacks, where attackers use trial-and-error methods to guess login credentials such as usernames and passwords. In the three months leading up to March, these attacks reached 46.38 million, marking a critical escalation in cybersecurity threats. The Communications Authority of Kenya (CA) reported that brute-force attacks increased by 8.4 percent, reaching 42.8 million in the previous quarter.
These attacks are primarily targeting critical information infrastructure, including cloud service providers and government systems. The latest figures represent the highest number of brute-force attacks recorded in a single quarter in Kenya’s history, with over 128.8 million such threats detected in the past year.
Targeting Vulnerable Systems
Attackers are increasingly focusing on database servers and user authentication systems, exploiting weak credentials, unpatched systems, and misconfigured remote access services. This method allows them to steal personal or financial information from databases and emails, deploy malware or ransomware, and hijack systems for further attacks.
The CA highlighted that the spike in attacks is linked to the growing use of IoT devices and remotely accessible systems. Exposed Telnet ports, misconfigured RDP services, and vulnerable libssh versions have become common entry points for cybercriminals.
Shift in Attack Methods
While the overall number of cyber threat events declined by 26.15 percent compared to the October–December 2025 period, this does not indicate a reduction in threat severity. Instead, it suggests that criminals are shifting toward more focused and persistent attack methods. This trend aligns with Kenya's positioning as a regional technology hub and its adoption of a “cloud-first” strategy for public service delivery.
Financial Impact of Cybercrime
Cyberattacks have had a severe financial impact on Kenyan banks and businesses. In 2024, hackers stole a record Sh1.59 billion from Kenyan banks, highlighting the risks associated with heavy investment in technology and mobile banking. Mobile banking fraud alone jumped from Sh182.41 million to Sh810.68 million, representing a 344 percent increase.
Other forms of cybercrime also saw alarming growth. Card fraud cost customers Sh263.29 million, which is 16.9 times higher than the previous year. Computer fraud, which includes hacking into systems to steal data, saw losses jump to Sh203.39 million, while identity theft-related fraud grew sixfold to Sh199.08 million.
Cloud Infrastructure and Security Challenges
Cloud infrastructure offers virtual integration of hardware and software components such as servers, storage, networking, and management tools to deliver cloud computing services over the internet. Kenya’s Cloud Policy requires public institutions to prioritize cloud services over traditional systems, and local businesses, especially SMEs and technology startups, have been adopting cloud computing.
However, experts warn that the growing reliance on interconnected systems, along with increased remote working in companies and government offices, is expanding the attack surface for cybercriminals. This is particularly concerning in sectors handling sensitive data.
Cybersecurity Threats and Mitigation Strategies
The CA emphasized that many of these attacks were enabled by compromised credentials, lack of multifactor authentication, and expanded remote working. The objective is often to gain unauthorized remote access and escalate privileges within networks.
Privilege escalation involves increasing access rights within a network, moving from a standard user to a high-level administrator, or accessing peer-level accounts. This can lead to significant financial fraud and system breaches.
Notable Cyberattacks in Kenya
Several high-profile cyberattacks have been recorded in Kenya. In November, dozens of government websites, including the State House, Immigration Department, and Directorate of Criminal Investigations, were defaced with extremist messages. In July 2023, the eCitizen platform was taken over by cybercriminals, paralyzing access to over 5,000 government services.
In both cases, the government stated that no data was lost during the attacks. However, the incidents underscore the growing vulnerability of digital infrastructure.
Ongoing Cyber Threat Landscape
According to the CA, the broader cyber threat landscape is driven by inadequate system patching, low user awareness of phishing and social engineering tactics, and the rising use of artificial intelligence and machine learning tools by malicious actors.
As Kenya continues to embrace digital transformation, the need for robust cybersecurity measures becomes more urgent. Organizations must invest in stronger authentication protocols, regular system updates, and employee training to mitigate the risks posed by evolving cyber threats.