Kenyan businesses and agencies hit by cybercrime were last year forced to part with an average of $4.35 million (Sh561 million) to restore their services, Communications Authority has revealed.
This saw the country suffer losses amounting to $83 million (Sh10.71 billion), the second highest in Africa.
Data by the National Kenya Computer Incident Response Team Coordination Centre (KE-CIRT/CC), the body mandated to detect, protect, and respond to cyber threats, show that attackers are increasingly targeting national assets and financial institutions.
The Authority’s Director General, David Mugonyi, said that the most affected industries by volume of incidents and losses are financial services, government, fintech, hospitality, education, telecommunication, and manufacturing.
However, despite the initiatives to stop threats from external sources, insider threats and online frauds are the leading threats.
For instance, CA says that between April and June 2024, the National KE-CIRT detected 1.1 billion cyber threats targeted at Kenyan assets.
“The cost of cybercrime in Africa is staggering; last year Nigeria suffered losses amounting to $1.8 billion (Sh232.2 billion), Kenya $83 million (Sh10.71 billion), Uganda $67 million (Sh8.6 billion), Botswana $39 billion (Sh5 billion), and Lesotho $2.3 million (Sh296.7 million). The average data breach in Kenya in 2023 was $4.35 million (Sh561 million),” said Mugonyi.