Kenya’s incident response centre recorded 4.6B cyber threat events to Dec 2025, up from 842M. DDoS grew fastest, while advisories lagged.
Kenya’s cybersecurity monitoring data shows a steep rise in hostile activity hitting local networks and services. The figures come from the Communications Authority of Kenya’s sector statistics report for the quarter.
The biggest volume came from “system vulnerabilities”, which are known weaknesses in software or infrastructure that attackers try to exploit, like finding an unlocked door. This category hit 4.37 billion events, up 463.4% quarter on quarter.
Mobile application attacks, which target weaknesses in smartphone apps used by consumers and staff, rose 303.2%. The report also flagged a sharp spike in Distributed Denial-of-Service incidents, known as DDoS, which flood a website or server with traffic until it goes offline. DDoS grew 1,116.7% in the quarter, the fastest rise among the categories listed.
The report points to wider use of AI-driven tools by malicious actors. In simple terms, attackers can use AI to write better phishing messages, scan faster for weak systems, and automate attacks at scale.
The data also suggests a response gap. Advisories are official alerts and guidance meant to help organisations patch and defend systems. DDoS advisories totalled 1.34 million out of 21.8 million advisories issued, despite the rapid growth in DDoS activity.
For founders and operators, this raises execution questions, not just awareness. As Kenya’s digital economy grows, security teams may need faster patching cycles, better traffic filtering, and clearer incident playbooks, especially for customer-facing services.
The next few quarters will show whether regulatory attention, enterprise spending, and basic cyber hygiene can keep pace with the threat volume.
Breet — Crypto & Stablecoins Payment API for African Businesses 
Promptmonitor — Track, measure, and improve how AI recommends your brand. 
Promptmonitor