Kaspersky warns of AI-driven threats as Kenya password attacks surge 83%

Kaspersky data shows password stealer attacks rose 83% year-on-year in Kenya in 2025, as AI tools create fresh attack surfaces for regional enterprises.

Kaspersky used its presence at AI Everything Kenya x GITEX Kenya this week to set out the scale of the cybersecurity challenge facing organisations across East and Sub-Saharan Africa, publishing threat data that points to sharp rises across multiple attack categories and warning that widespread AI adoption is broadening the exposure surface for businesses and individuals alike.

The company's figures show that password stealer attacks grew 83% year-on-year in Kenya during 2025 and 56% across Sub-Saharan Africa as a whole. Spyware detections rose at the same 83% rate in Kenya and 53% regionally, while backdoor attacks increased 25% in-country and 8% across the wider region. Ransomware affected 7.62% of organisations in Africa over the same period, and Advanced Persistent Threat groups were detected in 21% of Kaspersky's customers globally, accounting for 23% of all high-severity incidents according to the company's Security Services Global Report.

"As organisations in Kenya and the wider region accelerate digital transformation, cybersecurity is becoming a board-level priority," said Chris Norton, General Manager for Sub-Saharan Africa at Kaspersky. "We are seeing growing awareness that innovation and security must develop hand in hand."

AI as an attack enabler

Kaspersky's researchers outline several ways in which AI is reshaping the threat model. Malicious actors are reported to be using AI across preparation, communication, vulnerability probing and payload deployment stages, while deliberately concealing evidence of AI involvement to complicate attribution. Separately, criminals are distributing malware packaged as legitimate AI tools to harvest credentials and sensitive data.

Deepfake and AI-generated fraudulent content are flagged as a growing concern, with authentication becoming harder as generative models improve. The company also highlights model-level risks, including unintended memorisation of sensitive training data and adversarial tampering with datasets or model weights. The emergence of autonomous AI agents introduces a further vector: these systems can be manipulated through adversarial prompts or misconfigured permission settings in ways that produce real-world consequences.

Perhaps the most operationally immediate risk Kaspersky identifies is "Shadow AI": employees using public AI services outside IT oversight, creating uncontrolled data flows. A survey commissioned by Kaspersky and conducted by Toluna across 2,800 respondents in seven countries found that 87.8% of Kenyan professionals use AI tools for work tasks, yet only 35% have received cybersecurity training specific to AI use.

Market and regulatory context

The threat picture Kaspersky is describing is broadly consistent with what other major security vendors have documented in global threat-intelligence reports, though regional breakdowns for Sub-Saharan Africa remain less common than coverage of North America and Western Europe. The data is vendor-sourced and based on detections from Kaspersky's own installed base, so absolute figures should be read with that caveat in mind.

On the regulatory side, the African Union's Convention on Cyber Security and Personal Data Protection (the Malabo Convention) provides a continental framework, though ratification and enforcement remain uneven across member states. Kenya's Computer Misuse and Cybercrimes Act and the Data Protection Act 2019 set domestic obligations, but dedicated AI governance legislation is still in early development, leaving a policy gap that events such as GITEX Kenya are increasingly being used to address.

For enterprise buyers, Kaspersky's recommended posture includes formal AI governance policies defining approved tools and data-handling boundaries, regular training on prompt injection and fake AI service risks, and deployment of security information and event management tooling. The company cited its own Kaspersky SIEM and Next product lines in that context. The next near-term signal to watch is whether the surge in regional AI adoption translates into greater enterprise security budget allocation, a trend that several global managed detection and response vendors are already positioning to capture.