Government Infrastructure Targeted in 114 Cyber Attacks

Kenya’s government infrastructure came under heavy cyber‑pressure in the first eight months of 2024, with a total of 114 recorded cyber‑attack attempts, according to a recent national security report presented to Parliament. The Annual Report on the State of National Security revealed that various state agencies faced sustained digital incursions, highlighting growing vulnerabilities as public services are increasingly migrated online. While many of these attempts were thwarted, the volume and sophistication of the threats underscore a rising cyber‑risk to Kenya’s critical information infrastructure.
The report, delivered by President William Ruto, attributes the surge to the rapid digitisation of government services, which has boosted efficiency but also widened the country’s exposure to cyber risks. Threat actors employed a mix of tactics — including malware, social engineering, and online fraud — to infiltrate systems, while the growing use of artificial intelligence (AI) added a new layer of complexity. The document warns that poor cyber hygiene among organisations and individuals, limited detection tools, and the anonymous nature of attackers contributed to the heightened risk. In response, the government has moved to tighten regulations, including rolling out the Computer Misuse and Cybercrime Management Regulations (2024), and strengthened defensive capacity through its National Kenya Computer Incident Response Team (KE‑CIRT), now under the Communications Authority.
Officials have expressed concern about the implications of these cyber‑incidents for national security, public trust, and economic stability. President Ruto emphasized that these attacks can lead not only to disruptions and espionage but also to financial losses for both public institutions and citizens. Cybersecurity experts and regulators welcomed the multi‑agency approach, noting that closer coordination, modern tools, and public awareness campaigns are essential. Still, critics argue that the pace of reform must match the rapidly evolving threat landscape.
Looking ahead, the government seems committed to reinforcing Kenya’s cyber‑defenses. Plans are underway to deepen partnerships with international bodies, acquire more advanced threat‑monitoring technologies, and enhance the technical capacity of law‑enforcement cyber units. If fully implemented, these measures could significantly bolster Kenya’s resilience in cyberspace — but success will depend heavily on continued investment, robust public‑private cooperation, and greater cyber literacy across all sectors.