At AI Everything Kenya x GITEX Kenya, taking place from 19-21 May, global cybersecurity company, Kaspersky (www.Kaspersky.co.za), talks about the current threat landscape in Kenya and the wider East Africa region, warning that the rapid development and adoption of artificial intelligence is creating new opportunities for innovation while simultaneously introducing cyberthreats for businesses and individual users. With risks varying from AI-powered social engineering campaigns and deepfake fraud to “Shadow AI” risks inside organisations, Kaspersky advises organisations to adopt clear policies, cybersecurity controls and employee education to ensure AI technologies are deployed safely and responsibly.
“As organisations in Kenya and the wider region accelerate digital transformation, cybersecurity is becoming a board-level priority. We are seeing growing awareness that innovation and security must develop hand in hand. Industry events such as GITEX play an important role in this process by helping businesses better understand both the impressive opportunities AI and digital technologies create, and the precautions needed to manage the evolving cyber risks that come with them,” says Chris Norton, General Manager for Sub-Saharan Africa at Kaspersky.
Cyberthreat landscape developments
AI risks come amid other cybersecurity challenges of the evolving threat landscape in the region. Kaspersky data demonstrates that in 2025, password stealer attacks increased by 83% year-over-year in Kenya and 56% across Sub-Saharan Africa. Spyware attacks grew by the same figure of 83% in Kenya and 53% regionally, while backdoor attacks rose by 25% in Kenya and 8% across Sub-Saharan Africa. Although exploit attacks showed a slight decline, they remain a major concern due to their mass spread and unauthorised access they open to a users’ systems. Meanwhile, ransomware continues to pose a serious risk to organisations, with 7.62% of organisations in Africa experiencing ransomware detections in 2025.
Advanced Persistent Threats (APTs) remain among the most serious risks for enterprises. According to the Kaspersky Security Services Global Report, APT groups were detected and blocked in 21% of customers in 2025 and accounted for 23% of all high-severity incidents. These highly organised groups increasingly combine AI-enhanced techniques with social engineering and targeted intrusion methods to maximise operational effectiveness.
Cybersecurity traps of AI
According to Kaspersky experts, cybercriminals can use AI across multiple stages of cyberattacks: from preparation and communication to assembling malicious components, probing for vulnerabilities and deploying tools, while simultaneously concealing evidence of AI involvement to complicate investigations and attribution. Malicious actors are also actively distributing malware disguised as AI tools to steal sensitive information from victims.
One of the growing cybersecurity issues is the spread of deepfakes and AI-generated fraudulent content. As AI tools become more and more sophisticated, distinguishing authentic material from manipulated ones is becoming more difficult. Kaspersky researchers warn that AI models can also be vulnerable to “unintended memorisation”, where models retain fragments of sensitive information that attackers may later extract. Additional risks include malicious tampering with training datasets, injection of harmful logic into AI software code and exploitation of vulnerabilities within AI-powered systems.
The emergence of AI agents, which are systems capable of autonomously taking actions on behalf of users, creates another significant attack surface. According to Kaspersky, these systems can be manipulated through adversarial content or misconfigured autonomy settings, potentially leading to harmful real-world actions.
Kaspersky also highlights the growing challenge of “Shadow AI”, where employees use public AI services without oversight from IT departments. This creates uncontrolled data flows and increases the risk of confidential information exposure. A recent Kaspersky study* titled “Cybersecurity in the workplace: Employee knowledge and behaviour” showed that 87.8% of professionals surveyed in Kenya use AI tools for work-related tasks, including text editing, e-mail writing, data analytics and content creation. However, only 35% reported receiving cybersecurity training related to AI use.
Essential Actions in the AI-driven IT world
Kaspersky recommends organisations to regularly assess AI-related risks and establish comprehensive AI governance policies defining which AI tools are approved and what types of data can be processed. Regular employee training on secure AI usage, recognition of fake AI services, malicious links and prompt injection risks is equally essential.
To effectively manage the growing range of cyber risks, organisations should adopt a comprehensive cybersecurity strategy that combines advanced security technologies, reliable threat intelligence, strong internal processes and continuous employee education. Robust cybersecurity solutions, such as the AI-powered Kaspersky SIEM and Kaspersky Next product line, provide real-time protection, threat visibility, investigation and response capabilities.
For private users, Kaspersky recommends exercising caution when using AI-powered tools, carefully reviewing privacy settings, verifying the authenticity of AI applications and double-checking information generated by agentic AI systems before making decisions based on automated outputs. The company also advises families to maintain open discussions with children regarding their use of AI technologies and online safety practices.
Visit the Kaspersky stand at B10 in Hall 2 at GITEX Kenya to find out more.
*The survey was conducted by Toluna research agency at the request of Kaspersky in 2025. The study sample included 2800 online interviews with employees and business owners using computers for work in seven countries: Türkiye, South Africa, Kenya, Pakistan, Egypt, Saudi Arabia, and the UAE.
Distributed by APO Group on behalf of Kaspersky.
For further information please contact:
Nicole Allman
[email protected]
Follow us:
Facebook: https://apo-opa.co/4nLqCEA
X: https://apo-opa.co/4tMpX7b
YouTube: https://apo-opa.co/4eWkiaO
Instagram: https://apo-opa.co/43hqovf
Blog: https://apo-opa.co/4uUPQm5
About Kaspersky:
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure, and governments around the globe. The company’s comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and nearly 200,000 corporate clients protect what matters most to them. Learn more at www.Kaspersky.co.za.