People and society organisations were among the most targeted firms by cybercriminals from Kenya last year, a new report shows.
A report by Cloudflare, an American cyber security company that provides cloud cybersecurity services and distributed denial of services (DDoS) mitigation among others found that 15.2 percent of people and society organisations were targeted followed by firms in the food and drinks sectors at 12.5 percent.
A DDoS attack is a cybercrime where attackers flood a server with internet traffic to prevent users from accessing connected online services and sites.
“While we can't predict which industry attackers will target the most, we do know all industries get attacked. No matter the industry, your best bet is to keep your guard up,” said Cloudflare.
“People and society organisations were the most targeted by attacks from Kenya.”
The cybersecurity firm said on a chart that the bars represented the percentage of mitigated traffic from Kenya that is targeting each category, calculated on a weekly basis.
The chart showed that 12.4 percent of attacks stopped from Kenya were directed to the health sector and nine percent to business and industries.
It also shows that 8.7 percent of the attacks mitigated were directed to the automotive sector, 8.5 percent to real estate and 6.2 percent to the beauty and fashion sectors.
Cyber criminals from Kenya attacked other sectors including 4.5 to the arts and entertainment industries and in finance while internet and telcos attracted 3.7 percent of the traffic.
The lowest hit sectors on average were news publications, law and government sites at 2.9 percent, 2.8 percent in gambling and tourism at 1.3 percent.
Attacks towards people and society organisations peaked from mid-July and August 2024 crossing over 60 percent, among the highest mitigated traffic in the year.
In this period, 15.6 percent of attacks were categorized as distributed denial of service.
The data from Cloudflare shows that 6.4 percent of traffic was mitigated implying that most of the attacks were successful.
"Customers may choose to mitigate traffic for a variety of reasons, even if the traffic isn't suspected to be malicious," Cloudflare said.
"However, for malicious traffic, DDoS mitigation techniques and Web Application Firewall (WAF) Managed Rules are two of the most effective defences against Application Layer (Layer 7) attacks. These attacks can knock an unprotected web site offline or attempt to steal customer data."
Bot traffic which describes non-human traffic was significant on Safaricom network at 44.51 percent.
“Not all bots are bad. Cloudflare maintains a list of 'Verified' good bots to help keep the internet healthy,” added Cloudflare.