Online crime cases rise 4-fold to 12.5bn as cyber threats surge – Survey

Cyber Security/FILE

The number of reported online crime incidents in Kenya nearly quadrupled to 12.5 billion in 2025, signalling a sharp escalation in cyber threats as digital adoption continues to grow, a new survey by the Kenya National Bureau of Statistics shows.

The report indicates that the figure rose from 3.6 billion cases recorded in 2024, marking one of the steepest increases in cybercrime incidents in recent years.

“The total number of reported online crime incidents almost quadrupled to 12.5 billion in 2025 from 3.6 billion in 2024,” the KNBS survey stated.

The surge has been attributed to increased internet penetration and the expansion in the use of digital technologies, which have exposed more users and systems to cyber risks.

According to the report, cybercriminals are increasingly targeting online systems, databases and web-based services, exploiting vulnerabilities to gain unauthorised access to information systems.

“Cybercriminals increasingly targeted online systems, databases, and web-based services to exploit security weaknesses and gain unauthorized access to information systems,” the report said.

Data from the survey shows that system vulnerabilities accounted for the largest share of reported online crimes, rising sharply to more than 12.1 billion cases in 2025.

Web application attacks also surged significantly to 39.8 million cases, reflecting growing risks in online platforms and services.

The report further notes that the rise in cyber threats has been accompanied by an increase in cybersecurity advisories, which grew by 85.1 per cent to 72.3 million in 2025.

“The number of cybersecurity advisories issued and reported online crime cases increased for the fifth consecutive year, mainly attributed to the expansion in the use of digital technologies and increased internet penetration,” KNBS said.

Among the most notable trends was a spike in botnet and distributed denial-of-service (DDoS) attacks, which increased from 542,600 cases in 2024 to more than 4.2 million in 2025.

Brute force attacks and mobile application attacks also recorded increases during the period under review.

Experts say the growth in digital services, including mobile banking, e-commerce and online government platforms, has expanded the attack surface for cybercriminals.

The report underscores the need for stronger cybersecurity measures as Kenya continues to digitise key sectors of the economy.

“The continued increase in advisories and incidents reflects greater exposure to cyber risks as digital technologies expand,” the report noted.

Despite the rise in cybercrime, the data also suggests increased monitoring and reporting capacity, as authorities and institutions enhance surveillance systems to detect and respond to threats.

The findings place cybersecurity among the emerging risks in Kenya’s digital economy, with the sharp rise in cases pointing to the urgent need for investment in secure systems, user awareness and policy enforcement.

The KNBS survey highlights that as more Kenyans move online for services and transactions, cyber threats are likely to remain a major concern, requiring coordinated efforts between government, private sector and users to safeguard digital infrastructure.