A global cybersecurity company, Kaspersky, has warned that the growing adoption of artificial intelligence (AI) across Kenya and the wider East African region is driving a new wave of sophisticated cyber threats, including deepfake scams, AI-powered phishing attacks and unauthorised use of AI tools in the workplace.
The warning was issued during the AI Everything Kenya x GITEX Kenya event held in the capital, Nairobi, where industry leaders discussed both the opportunities and risks associated with the rapid deployment of AI technologies.
According to Kaspersky, cybercriminals are increasingly using AI to create convincing social engineering campaigns, generate realistic deepfakes and automate attacks aimed at stealing sensitive information and compromising business systems.
The company’s threat intelligence data indicates that cyber risks are escalating in Kenya. Password-stealing attacks increased by 83 per cent in 2025 compared to the previous year, while spyware attacks also rose by 83 per cent. Backdoor attacks, which allow unauthorised access to systems, increased by 25 per cent.
Kaspersky further noted that ransomware remains a significant challenge across Africa. The company reported that 7.62 per cent of organisations on the continent detected ransomware attacks on their systems during 2025.
Chris Norton, General Manager for Sub-Saharan Africa at Kaspersky, said organisations are increasingly recognising cybersecurity as a critical component of digital transformation.
“As organisations in Kenya and the wider region accelerate digital transformation, cybersecurity is becoming a board-level priority,” Norton said. “We are seeing growing awareness that innovation and security must develop hand in hand.”
He added that industry platforms such as GITEX provide an important opportunity for businesses to better understand emerging technologies and the risks associated with them.
Related:
- Google Highlights Rapid Growth of AI-Enabled Hacking Threats
- Glemad Launches AI System to Counter Cyber Threats Across Africa
- Nairobi Hosts Landmark AI Showcase for Global Tech and African Startups
A key concern highlighted by Kaspersky is the rise of “Shadow AI,” where employees use public AI tools without approval or oversight from corporate IT departments. The company warned that such practices can expose confidential information, create compliance risks and increase an organisation’s vulnerability to cyberattacks.
Kaspersky cited findings from a recent study showing that 87.8 per cent of professionals surveyed in Kenya use AI tools for work-related tasks. However, only 35 per cent said they had received cybersecurity training specifically related to AI usage, revealing what the company described as a significant awareness gap.
The cybersecurity firm urged organisations to establish clear AI governance policies, strengthen security controls and invest in employee education to reduce emerging risks.
The warning comes as businesses across East Africa continue to expand investments in AI, cloud computing and other digital technologies. While these innovations are improving efficiency and competitiveness, cybersecurity experts caution that they are also creating new attack surfaces for cybercriminals.
Separately, Kaspersky reported that between January and early May 2026, its security systems detected more than 92,000 attacks worldwide involving malware and potentially unwanted applications disguised as popular AI services and tools.
Researchers also identified more than 15,000 malware samples masquerading as AI software. According to the company, these threats included banking trojans, spyware and malware downloaders capable of installing additional malicious programs on infected devices.
“The introduction of AI agents into enterprise environments changes the nature of trust itself,” said Dmitry Galov, Head of Russia and CIS units at Kaspersky’s Global Research and Analysis Team. “Every automated action becomes part of a wider chain of systems and data exchanges.”
Galov warned that cybercriminals are increasingly exploiting the popularity of AI technologies and trusted AI brands to deceive users into revealing confidential information or downloading malicious software.
Kaspersky advised businesses to regularly assess AI-related risks, monitor suspicious AI-generated content and strengthen data protection measures. It also encouraged individuals to use reputable AI services, review privacy settings carefully and verify AI-generated information before acting on it.
As AI adoption accelerates across Africa, the company said organisations must ensure cybersecurity and AI governance evolve alongside technological innovation to protect critical systems and data from increasingly sophisticated threats.
Senior Reporter/Editor
Bio: Ugochukwu is a freelance journalist and Editor at AIbase.ng, with a strong professional focus on investigative reporting. He holds a degree in Mass Communication and brings extensive experience in news gathering, reporting, and editorial writing. With over a decade of active engagement across diverse news outlets, he contributes in-depth analytical, practical, and expository articles exploring artificial intelligence and its real-world impact. His seasoned newsroom experience and well-established information networks provide AIbase.ng with credible, timely, and high-quality coverage of emerging AI developments.