Coordinated Attack Breaches Multiple Ministries

The Government of Kenya has confirmed that a coordinated cyberattack on Monday, November 17, 2025, rendered multiple key ministry websites inaccessible. In a statement released the same day, Interior Principal Secretary Dr. Raymond Omollo acknowledged the breach, which saw several government platforms defaced with extremist, white supremacist slogans before services were restored. The incident has intensified scrutiny of the nation's cybersecurity posture amid a rapid digitization of public services.

The attack, which began early Monday morning, affected the websites of the Ministries of Interior, Health, Education, Labour, Water, Tourism, and ICT, among others. Some pages, including that of the State House, were also temporarily offline. Visitors to the affected sites were met with messages such as "Access denied by PCP," "We will rise again," and neo-Nazi rhetoric including "14:88 Heil Hitler." PS Omollo, who also chairs the National Computer and Cybercrimes Coordination Committee (NC4), stated that preliminary investigations attribute the attack to a group identifying itself as ‘PCP@Kenya’.

Government Response and Investigation

According to the official government statement, emergency response procedures were activated immediately following the disruption. “Technical teams worked with stakeholders to stabilise the situation and restore affected platforms,” PS Omollo confirmed on Monday. He assured the public that the situation was contained and that the systems were under continuous monitoring. While essential services on platforms like eCitizen, the National Transport and Safety Authority (NTSA), and the Judiciary remained operational, the defacement of high-profile ministry websites caused significant public concern over the security of national data.

The government has warned that those responsible will face prosecution under the full extent of Kenyan law, citing the Computer Misuse and Cybercrimes Act (2018), the Kenya Information and Communications Act, and the Data Protection Act (2019). “We assure the public of our continued commitment to the national digital transformation agenda and the security of the national digital infrastructure,” PS Omollo added, urging citizens to report suspicious online activity to the National Kenya Computer Incident Response Team Coordination Centre (National KE-CIRT/CC).

A Pattern of Escalating Digital Threats

This incident is not isolated. It occurs within a context of rapidly escalating cyber threats in Kenya and the broader East African region. A July 2023 cyberattack, claimed by a group called 'Anonymous Sudan', severely disrupted the eCitizen portal, which hosts over 5,000 government services, affecting passport applications, business registrations, and mobile money transactions. That attack was framed as retaliation for Kenya's alleged interference in Sudanese affairs.

Recent data highlights the scale of the challenge. The Communications Authority of Kenya (CA) reported a staggering 2.54 billion cyber threat incidents in the first quarter of 2025 alone, a 201.7% increase from the previous quarter. In the year leading up to June 2025, Kenya recorded 8.6 billion cyberattacks, more than double the previous year. This places Kenya among the top three most targeted countries in Africa, alongside Nigeria and South Africa. Experts note that the growing reliance on digital technologies, without corresponding investments in robust security, exposes critical infrastructure to significant risk.

In response to these growing threats, the government launched the National Cybersecurity Strategy (2022–2027) on August 5, 2022. The strategy aims to establish stronger governance structures, protect critical information infrastructure, and enhance national and international cooperation to combat cybercrime. However, the success of Monday's attack underscores the persistent vulnerabilities and the continuous need for vigilance and investment in securing the nation's digital frontier as part of the Digital Superhighway agenda. A 2024 survey by PwC revealed that 74% of East African organizations now consider cyber risks a top concern, significantly higher than the global average, reflecting the growing awareness of the threat landscape in the region.