7.9 million Cases Of Cyber Threats Detected Between January And March – Report


A report by Communication Authority Of Kenya (CA) on sector statistics shows that there were a total 7.9 million cyber threats detected by the National Computer Incident Response Team (KE-CIRT/CC) between January and March. This denoted a 25.5 percent decrease given the 10.7 million cyber threats detected during September-December 2017 period.

During the quarter, the cyber threats detected varied from denial of service (DOS) including
botnet and brute-force attacks that led to denial of computer services and illegal access to
computer systems; online impersonation via social media accounts and domain names; web application attacks including website defacement; malware including phishing attacks; online abuse including online fraud, hate speech, incitement to violence and fake news; and systems misconfiguration, among others.

Online Fraud was the biggest at 50 per cent followed at a distance by malware attacks and system misconfiguration, both at 22 per cent.

“During the period under review, the highest number of cyber threats targeted file sharing, web service and Voice over IP (VoIP) applications,” notes the report.

During the quarter under review, the National KE-CIRT/CC identified ten usernames and passwords mostly used in brute force attacks.
The top-3 usernames were root, user and usuario while the top-3 passwords used were admin, 1234 and password.

The table below shows the top-10 usernames and passwords used in brute force attacks.

Read: Google Faces Ksh502 Billion Fine Over Unfair Competition By Android

In 2017, it was reported that financial institutions in Kenya lost a staggering Ksh30 billion to cybercriminals who hacked their systems between 2015 and 2016. Records obtained by detectives showed the institutions lost Ksh17 billion in 2016 and Ksh14 billion in 2015.

This year, there have been escalated cases of cyber threats, whereby fraudsters target mobile money users.A part from individuals, institutions targeted include Kenya Revenue Authority (KRA), National Transport and Safety Authority (NTSA), Saccos and the Independent Electoral and Boundaries Commission (IEBC).Criminals hack the systems of the institutions and steal data and money undetected.

Detectives have blamed the trend on technological advancement, which has made Kenya a soft target by cyber criminals.

In 2016 alone KRA, NTSA, DTB Bank, Family Bank, Equity Bank, Police Sacco, Stima Sacco, Kenya Power were attacked by hackers, according to a police report.

Do you have a story you want told? Do you know of a sensitive story you would like us to get our hands on? Email your news TIPS to

Written by Robert

Respected Kenyan blogger, tech evangelist, and social justice activist. Robert is known for his hard-hitting articles and opinions disseminated through his Twitter handle @RobertAlai or Facebook page (

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.


FC Porto Sign Chadian Forward Marius Mouandilmadji From Cameroon’s Coton Sport

patel dam

Lawyer Representing Patel Dam Tycoon Declared Hostile Witness By Senate Committee During Probe