Kenya has the highest internet penetration in Africa with over 31 million people having access to the internet, according to a report by Jumia Business Intelligence and GSMA Mobile.

With more and more Kenyans connecting to the internet from mobile devices like phones and tablets, also comes the rise of mobile money transactions, access to loans and economic prosperity for the country.

But with the acceleration of digitalisation comes insecure consumer habits. This coupled with a lack of coherent legislation and regulatory frameworks, as well as inadequate cybersecurity measures in key sectors, is turning Kenya into a lucrative target for cyber criminals.

The country has been targeted by hackers in several major attacks over the past couple of years, and in 2017 Kenya lost approximately Sh21.2 billion to cybersecurity, second only to Nigeria which lost Sh65.5 billion.

It’s important that organisations and their employees across Kenya are aware of the latest threats and how best to protect against them.  

Here are three of the biggest cyber threats currently facing the country:

Battling botnets

The word “botnet” is a combination of the words “robot” and “network“. Botnets can be infected with malware that allows hackers to remotely take control of a number of devices at a time, usually without the knowledge of the device owner.

According to the latest Microsoft Security Intelligence Report, botnets continue to impact millions of computers globally, infecting them with old and new forms of malware. Cybercriminals use botnets to conduct a variety of online attacks, such as send spam, conduct denial-of-service attacks on websites, spread malware, facilitate click fraud in online advertising and much more.

Defending against botnet activity is not an easy undertaking and requires a massive and coordinated effort by both private and public organisations. The first step in protecting organisations against botnets is to look for a solution that harnesses advanced machine learning.

For example, Windows Defender ATP uses the power of the cloud, machine learning and behaviour analytics to detect, protect and respond against botnets and other cyber threats.

Hackers turning to easy marks

As the cost of circumventing security measures increases, hackers are progressively taking advantage of “low-hanging fruit” to circumvent increasingly sophisticated security measures.  There are three types of low-hanging fruit routes frequently employed by cyber attackers in Kenya.


  • Social Engineering: It’s becoming more expensive for hackers to penetrate software. By contrast, it’s easier and less costly to trick a user into clicking a malicious link or opening a phishing email. The best defense against phishing is employee education and training.



  • Poorly secured cloud apps: Recent Microsoft research suggests that 79 percent of Software-as-a-Service (SaaS) storage apps and 86 percent of collaboration apps do not encrypt data both at rest and in transit. When adopting cloud apps, you should make sure that only apps with web session protection and encryption are allowed. Organisations should also have a solution in place to have visibility into and control over all cloud apps usage.



  • Taking advantage of legitimate platform features: Cybercriminals are increasingly taking advantage of legitimate software platform features to infect computers. For example, during the last quarter of 2017, the Windows Defender Security Intelligence team detected incidents where hackers used legitimate business software to stay “under the radar” as they phished users and infected computers.


Wrestling ransomware

Last year the infamous ransomware attack WannaCrypt hit the NHS and other systems around the world, bringing down critical services. It impacted over 230,000 computers and to this day constitutes one of the largest ever cyber-attacks. According to Microsoft’s latest Security Intelligence Report, ransomware continues to be a popular method used by cybercriminals to solicit money from victims.

At least 19 companies in Kenya were been hit by the WannaCrypt attack.

To protect yourself from falling victim to a ransomware attack you can take the following measures:


  • Back up data: Be sure to create destruction-resistant backups of critical systems and data. Also, be sure to regularly test that backups are working.



  • Apply multi-layered security defences: Use an email security solution that scans suspicious email attachments and ideally protects at the time a user clicks on an attachment. Antivirus software should help detect and block the download and installation of some ransomware but to mitigate against the impact of sophisticated ransomware, additional protection is required. Advanced threat protection that applies machine learning and artificial intelligence technologies can help.



  • Keep software up-to-date: To minimise entry points for ransomware, be sure to keep all software updated, including operating systems, web browsers, plug-ins and security software. Also prioritise patching new releases to enable stronger protection against vulnerabilities.


Prevention is better than cure

The past year has shown us the significant impact of botnet infections on computers worldwide. We’ve seen cybercriminals leveraging less sophisticated methods to infect machines and extort ransoms from victims; and we’ve continued to encounter ransomware in a wide range of cybercrime activity.

Organisations in Kenya that act quickly to adopt security solutions, implement incident response plans and employ the right mix of people will minimise damage and impact from cyber-attacks now and in the future.

Microsoft is a trusted security advisor and partner to large global organisations. To learn more about our security offerings, visit and check out the Microsoft Security Blog for our perspectives on additional trending threats and topics.