Kenya Loses Billions to Cybercrime; CA Plans Cyber Reform

Kenya’s fight against cybercrime took a chilling turn as the Communications Authority (CA) revealed that the country lost approximately KSh 10.71 billion to online attacks in 2023. The figure, equivalent to about US$83 million, underscores the escalating threat landscape targeting Kenyan institutions, businesses, and national digital systems. The Star
According to data from the National KE‑CIRT/CC (Kenya Computer Incident Response Team Coordination Centre), cybercriminals focused their efforts on several critical sectors, including financial services, government agencies, fintech firms, telecommunications, hospitality, education, and manufacturing. The Star The CA’s Director-General, David Mugonyi, pointed out that while external attacks remain a major concern, insider threats and online fraud continue to drive large losses. The Star Between April and June 2024 alone, the KE‑CIRT detected a staggering 1.1 billion cyber threat events targeting Kenyan digital assets. The Star
In response to this worrying trend, the government is pushing for a major overhaul of its cybersecurity architecture. Cybersecurity director at the Ministry of ICT and Digital Economy, Yunis Omar, confirmed plans to consolidate the fragmented cyber threat units spread across various government agencies into a single national body. The Star The CA is also calling for an updated National Cybersecurity Strategy and a revision of the ICT policy, aiming for a more coherent, whole-of-government response to cyber risks. The Star
Experts say that the spike in losses highlights deeper structural vulnerabilities: as Kenya accelerates its digital transformation, weak cyber hygiene — such as poor password management and outdated systems — remains a major entry point for attackers. businessdailyafrica.com+2The Star+2 Without urgent reforms, the financial toll could grow, threatening not just companies but the country’s broader development goals.