The Communications Authority (CA) is calling for increased vigilance by internet users as cyber threats continue to rise locally and worldwide.
The latest data from the regulator reveals that in the last financial year, the National KE-CIRT detected 3.5 billion cyber threats targeting Kenya’s cyberspace. In the past six months alone, 1.5 billion threats were detected.
The findings come on the heels of a major data breach into the systems of the Registrar of Companies in Kenya.
Speaking on Tuesday during the marking of Safer Internet Day, CA Director General David Mugonyi called for heightened vigilance, regretting that humans remain the weakest link in online crime.
“Cyber security specialists point out that humans are the weakest link in online crime. Today, we are invited to focus on the human element in cyber security; simply how you and I can make the internet safer. Our theme for this year, “Too good to be true? Protecting yourself and others from scams online”, is a call to vigilance, an urgent reminder to spare no effort to protect ourselves and those around us from online scams,” he advised.
With many Kenyans falling victim to online scams, Mugonyi stressed the need for continuous education and awareness across all platforms. He also urged the government to enact online safety laws to better protect its citizens.
“Leading nations in online protection such as Australia and the United Kingdom have developed and passed specific legislation to keep their citizens safe and hold businesses and service providers accountable if their actions lead to online harm. This legislative approach is a path Kenya can and should explore” he stated.
He further highlighted the complexities of online crime, exacerbated by emerging technologies such as artificial intelligence.
“Online scams continue to evolve in complexity, targeting individuals and businesses with alarming sophistication. From phishing emails to get-rich-quick investment schemes; these scams exploit trust and lack awareness among the population,” he said.
He went on, “With generative AI, fraudsters can create more credible-looking content, and with machine learning and automation, they can develop malware and viruses that adapt to system defences.”
While acknowledging that automation and machine learning can improve cybersecurity responses, Mugonyi stressed that on the human front, there is no substitute for awareness, consumer education and vigilance.
Collective responsibility
Mugonyi further called for collective responsibility, saying that perpetrators of online harm should be held accountable under the law.
“We require a concerted effort by stakeholders and service providers to arm Kenyans with the knowledge and information they require to identify online fraud and how to report users and numbers engaged in such activities”.
Mugonyi also advocated for safer digital spaces for children, urging parents and caregivers to monitor their children’s online activities.
“In many urban and peri-urban households, children often use their parents’ devices to access the internet. We bear a collective responsibility to ensure a safe digital environment where children and youth can explore, learn, and thrive without experiencing harm,” he emphasized.
On Safer Internet Day 2025, he urged all ICT stakeholders, service providers, institutions devoted to child protection, and those focused on digital economic development to actively commit to enhancing vigilance and reducing, if not eliminating, the threat of online scams from Kenya’s cyberspace.
The Communications Authority has undertaken various online safety initiatives, with a primary focus on child protection.
In addition to running public sensitization campaigns for parents and families, CA’s capacity-building programme on the regulatory framework for protecting children online has trained over 1,000 participants since 2019.
