CA report flags AI cyber-attacks crisis, putting critical infrastructure and OT sectors at quantifiable breach risk

Cybercriminals are accelerating the pace of attacks using sophisticated Artificial Intelligence (AI) tools, with many Kenyan firms continuing to be caught ‘sleepwalking’ into such disruption unless they take urgent action, a new cybersecurity report has revealed.

Also read: Looming cybersecurity attacks how exposed is Kenyas healthcare sector

The latest findings by the Communications Authority of Kenya (CA) show that firms faced a high volume of cyberattacks in three months to December 2025, with ransomware, system vulnerabilities, and social engineering remaining the top threats.

Recent data indicate that 4.6 billion cyber threat events occurred during the quarter under review, representing a 441.3 percent increase from the 0.8 billion events recorded in the preceding quarter.

In the case of system vulnerabilities, for instance, the threats jumped from 776,542,757 between July and September last year to a staggering 4,375,339,677 threats and advisories detected by the authority during the review period, October and December 2025.

CA attributed the high volume of attacks to inadequate system patching, insufficient user awareness of phishing and the increasing exploitation of AI-driven and machine learning technologies by malicious actors.

The latest findings by the authority come on the heels of a spike in hacking activities targeting corporations since the onset of the COVID-19 pandemic, as digital thieves took advantage of weakened security, with many companies reporting increased instances of pony-trekking, mainly due to password compromises.

“Key measures for mitigating emerging cyber threats may be achieved through the implementation of multi-factor authentication with comprehensive password policies, proper network firewall and antivirus software configuration, and continuous enhancement of advisories to emphasize regular system and application patching,” noted CA.

Those fears are being backed by cybersecurity firm CrowdStrike, whose findings show that attackers are moving faster once they gain initial access to systems, with the fastest recorded breakout taking just 27 seconds between 2024 and 2025.

The trend, according to the report, underscores how cybercriminals are becoming significantly faster at expanding their access after breaching networks. Artificial Intelligence (AI) is increasingly driving this acceleration.

The report, released Wednesday, notes that threat actors of varying capabilities integrated AI into multiple operational stages in 2025 to accelerate, optimise, and troubleshoot their techniques. Attackers gain proficiency with AI tools, and many have increased their attack volume compared to the previous year.