Cloud Security

Cloud Security

Endpoint Security

Endpoint Security

Enterprise Network Security

Enterprise Fraud Management

Enterprise Fraud Management

Enterprise Network Security

Governance, Risk & Compliance

Governance, Risk & Compliance

Identity & Access Management

Identity & Access Management

Incident Response, Digital Forensics and Litigation Support

Incident Response, Digital Forensics & Litigation Support

Managed Detection and Response

Managed Detection & Response

Red Team Assessment and Operations

Red Team Assessments and Operations

Security Strategy, Governance, Risk and Compliance

Security Strategy, Governance, Risk and Compliance

Threat Intelligence Services

Threat Intelligence Services

Vulnerability Assessment and Penetration Testing

Vulnerability Assessment & Penetration Testing

Vulnerability Assessment and Penetration Testing

SWIFT CSP Compliance Audit & Assessment

Incident Response, Digital Forensics and Litigation Support

Blog

Kenya Threat Landscape Report 2024

by | Mar 6, 2025 | News | 0 comments

Kenya Threat Landscape Report 2025

Kenya Threat Landscape Report

The Kenya Threat Landscape Report prepared by SOC Radar highlights various aspects of the cyber threat landscape around Kenya.

Top takeaways

Sector-Specific Targeting: The public administration, information, and finance sectors are the primary targets in Kenya’s cyber threat landscape, collectively
accounting for over 43% of observed incidents. This focus highlights the increasing risk to critical infrastructure and financial systems.

Geographical Focus: Kenya remains a primary target for cybercriminals, with 69.1% of threats directed solely at the country. However, 30.9% of attacks affect
Kenya alongside other nations, indicating the regional scope of threat actor operations.

Ransomware Threats: Manufacturing is the top sector targeted by ransomware, representing over a quarter of ransomware incidents. LockBit variants dominate ransomware activities, with a combined share of 22.74%, indicating the sophistication and persistence of these threat actors.

Phishing Attacks: National Security and International Affairs sectors are highly targeted by phishing attacks (50%), reflecting the value of sensitive government information. Banking follows with 21.43%, signaling continued efforts by cybercriminals to exploit financial institutions.

Evolving Phishing Techniques: Phishing pages largely rely on generic or ambiguous titles (61.19%), making it difficult for users to immediately recognize
malicious intent. However, titles such as “Sign in to your account” and “Redirecting…” suggest an increasing focus on user credentials and data
harvesting.

HTTPS Adoption in Phishing: Despite the growing use of HTTPS (56.7%) in phishing domains, a significant portion (43.3%) still operates on HTTP. This
emphasizes the need for users to scrutinize URLs and not rely solely on secure connection indicators.

Diverse Threat Activity: Threat actors are not confined to one type of attack. Data/database compromises are the most prevalent attack type (61.8%), followed by access-related threats (21.1%), and website disruptions (14.5%). This variety reflects the multifaceted nature of the threat landscape and the need for a multi-layered defense strategy.

Front Covers, Kenya Threat Landscape Report 2025

Download the Kenya Threat Landscape Report 2025