A recent study of Kenya’s cyberthreat landscape shows a sharp increase in sophisticated attacks targeting both individuals and organizations across the country.
From January to September of this year, Kaspersky solutions blocked over 8.4 million web-based attacks in Kenya.
Approximately 27% of users and 16.5% of corporate entities encountered cyberthreats such as phishing scams, exploits, botnets, remote desktop protocol (RDP) attacks, and fake Wi-Fi networks.
Meanwhile, over 14.2 million on-device attacks were detected, affecting 31.5% of users and 19% of corporate systems. These attacks included ransomware, worms, trojans, spyware, and other malware distributed via USB drives, CDs, DVDs, and hidden installers.
Malware analysis showed that more than 1 million exploitation attempts were blocked in Kenya within 9 months, most of them targeting critical vulnerabilities in Microsoft Office and Windows that were reported in 2017–2018.
Password stealers, backdoors, and spyware attacks are also on the rise, with Kaspersky recording a 130% increase in password stealers, a 35% increase in backdoors, and a 115% rise in spyware incidents compared to the previous year.
Infostealers: A Growing Risk
Infostealers remain a serious threat, commonly spread through phishing and pirated software. One notable example, SparkCat, initially appeared on Apple’s App Store and was later detected on Google Play.
SparkCat targets sensitive information stored in images, such as wallet recovery phrases and passwords, showing the risks of storing credentials in photos. Its variant, SparkKitty, exfiltrates images and device data via both official and scam apps.
Ransomware attacks continue to focus on high-value corporate and government targets in Kenya and globally. Effective protection relies on both preventive and reactive measures.
This includes keeping systems regularly patched, enforcing strong authentication, limiting remote access, implementing endpoint detection and response (EDR) and extended detection and response (XDR), performing regular backups, and maintaining ongoing user awareness programs.
“While some threats are widespread, others are highly targeted,” said Bethwel Opil, Enterprise Client Lead at Kaspersky Africa. “Understanding the local threat landscape enables organizations to fine-tune security controls and stay proactively protected.”
Individuals are advised to practice basic cyber hygiene by securing devices, keeping software updated, and regularly backing up important data.



























