Top Cyber Threats Targeting Businesses and How to Avoid Them

Kenya recorded over 2.5 billion cyber threat events in the first quarter of 2025 (January to March), according to reports from the Communications Authority of Kenya (CA) and the National KE-CIRT/CC.

Giant telco Safaricom says these threats targeted enterprises across various sectors, prompting the company to address the most common attacks and measures to mitigate them. 

According to the report, businesses faced higher cybersecurity costs, data breach risks, and reputational damage, with the financial sector particularly vulnerable to fraud and phishing. 

The CA issued 13.2 million advisories, up 14.2%, urging stronger defenses amid Kenya’s digital transformation. 

Key cyber threats identified include;  

Ransomware – Data Held Hostage 

Ransomware attacks occur when malicious software encrypts an organization’s files, making them inaccessible until a ransom is paid. 

In 2025 alone, Safaricom noted a sharp increase in ransomware targeting both large corporations and small enterprises. 

These attacks often exploit outdated software, weak passwords, or unpatched system vulnerabilities. 

Beyond financial loss, ransomware can halt critical operations and damage a company’s reputation. 

Businesses are advised to maintain daily backups in off-site locations, ensure software and security patches are up to date, and deploy comprehensive endpoint protection to detect and block threats. 

Phishing Attacks 

Phishing remains one of the most common cyber threats, involving fraudulent emails or messages designed to trick employees into revealing passwords, financial information, or clicking on malicious links. 

Safaricom reports that phishing campaigns in 2025 are increasingly sophisticated, often mimicking official communications from banks, government agencies, or internal departments. 

Employees who fall victim can inadvertently provide access to sensitive data or allow malware into company systems. 

Mitigation measures include staff training on recognizing suspicious emails, verifying sender addresses, hovering over links before clicking, and implementing advanced email filtering tools to reduce exposure. 

Safaricom on Business Email Compromise (BEC) 

Business Email Compromise targets enterprises by impersonating executives or trusted partners to deceive finance teams into sending money or sensitive information. 

In Kenya, BEC incidents have grown alongside the adoption of digital payments, as attackers exploit weak internal verification processes.  

Safaricom emphasizes that BEC can result in significant financial losses and operational disruptions. 

Organizations are encouraged to verify all payment requests via direct communication, implement dual-approval processes for fund transfers, and educate staff about social engineering techniques used by attackers. 

Kenya detected over 2.5 billion cyber threat events in Q1 2025, marking a 201% surge from Q4 2024, based on National KE-CIRT/CC data analyzed in this Bluefire Redteam report. 

This figure represents a 201.7% surge compared to the previous quarter, with system vulnerabilities alone accounting for over 2.47 billion incidents, up 228.3%. Brute-force attacks and web application threats also contributed significantly, accounting for around 97% of events, alongside other system attacks. 

The spike aligns with rapid digital growth, including 45.36 million mobile money subscriptions and 44.44 million mobile broadband users, expanding the attack surface for cybercriminals using AI-powered tools like Domain Generation Algorithms.

Targets included ISPs, cloud providers, IoT devices, and government systems.