Kenyan companies have experienced a welcome decline in overall cyberattacks in the first quarter of 2024, according to a new report by the Communications Authority of Kenya (CA).

The report, which tracks cybersecurity threats in the country, revealed a significant drop in total attacks from 1.29 billion in the previous quarter to 971.4 million.

However, the news isn't all positive. The report also highlighted a concerning rise in specific types of cyber threats, suggesting a shift in tactics by attackers.

Malware threats, for instance, saw a staggering increase, jumping from 13.22 million at the end of 2023 to a worrying 33.19 million by March 2024.

Brute force attacks, which involve repeatedly trying to guess login credentials, also exhibited a sharp rise, growing from 9.67 million to 28.01 million in the same period.

The report sheds light on a similar trend for Web Application Attacks, which rose from 72,536 to a concerning 199,435 during the review period.

This suggests that attackers are increasingly targeting vulnerabilities in web applications, underlining the importance of robust web security measures for Kenyan businesses.

The mobile landscape also presents a cause for concern. The CA report documented a significant surge in Mobile Application Attacks, with the number of incidents jumping from 52,705 in December 2023 to a troubling 171,232 by the end of March 2024.

This highlights the growing need for robust mobile security solutions as Kenyans increasingly rely on smartphones and tablets for various activities.

Interestingly, the report also documented a decrease in System Vulnerabilities threats, which fell from a staggering 1.269 billion in the last quarter of 2023 to 871.22 million by the end of March 2024.

This suggests that Kenyan businesses may be taking steps to address vulnerabilities in their systems, potentially explaining the overall decline in cyberattacks.

The report also noted an increase in Distributed Denial of Service (DDoS) attacks, with a total of 38.64 million recorded from January to March 2024.

DDoS attacks overwhelm websites with traffic, making them inaccessible to legitimate users.

In a bid to counter these evolving threats, the CA issued a notable increase in cybersecurity advisories during the review period.

The number of advisories grew from 8.06 million to 8.5 million, indicating the Authority's proactive approach in keeping Kenyan businesses informed about the latest cyber threats and mitigation strategies.

These advisories also included valuable support for digital investigations and forensics.

The CA's report paints a complex picture of the Kenyan cybersecurity landscape.

While overall cyberattacks have decreased, the rise in specific threats like malware and mobile application attacks demands vigilance from businesses.

The report underscores the importance of continuous improvement in cybersecurity practices to stay ahead of evolving threats.