The state of cybersecurity in Africa: Kenya

Thursday 5 October 15:00 - 15:30, Red room

Tyrus Kamau (Euclid Consultancy)

Over the last 10 years, cybersecurity has become a recurrent theme within the government and private sectors across the world. With an ever-increasing number of cyber attacks being waged against countries, financial institutions and individuals, it is no wonder that it has been postulated that the next world war will be waged in cyberspace.

In Kenya, Africa, there have been reports of cyber attacks in their infancy stages despite the country having been technologically advanced for only a very short time. The proliferation of connectivity through affordable Internet has predominantly driven innovation within the technology space and it's no wonder that Kenya is among the leading countries in Africa in terms of cybercrime.

The cyber threats Kenya faces range from basic hacking such as website defacements, financial fraud, social media account hijacking; theft of government documents and cyber espionage. The frequency of these attacks has increased, and the level of sophistication is also morphing with every incident disclosed. Moreover, Kenya has been a victim of global cyber attacks from APTs such as the Lazarus Group and the Equation Group.

A recent report ( indicates that banks and other financial services are the most sought after targets by hackers, closely followed by government institutions. Also of high interest are mobile network operators who also have a key role to play in the mobile money space, which is a popular method of remittance. The same report estimates the cost of cybercrime in Kenya to be USD 175 million in 2016, an increase from the USD 150 million reported in 2015.

This presentation will cover:

  • Early forms of cyber threats within the region, with a few case studies.
  • Direct correlation between the emergence of affordable Internet connectivity and cybercrime. 
  • The sophistication of threats within the recent past and how efforts have been put in place to curb cybercrime; case studies included.
  • Regional involvement through the African Union to address cybersecurity threats and the progress so far.











Other VB2017 papers

Keynote address: Inside Cloudbleed

John Graham-Cumming (Cloudflare)

In February 2017, Cloudflare was revealed to have been leaking private information including HTTP headers, cookies and POST data…

Walking in your enemy's shadow: when fourth-party collection becomes attribution hell

Juan Andres Guerrero-Saade (Kaspersky Lab)

Costin Raiu (Kaspersky Lab)

Attribution is complicated under the best of circumstances. Sparse attributory indicators and the possibility of overt…

XAgent: APT28 cyber espionage on macOS

Tiberius Axinte (Bitdefender)

This paper provides an in-depth analysis of the macOS version of the APT28 component known as XAgent. We will dissect the…