Kaspersky Warns Of Rising AI-Driven Threats In EA

Global cybersecurity company Kaspersky has warned that the rapid adoption of artificial intelligence across Kenya and the wider East African region is creating new cybersecurity risks for businesses and individual users, even as organisations accelerate digital transformation efforts.

Speaking at the ongoing AI Everything Kenya x GITEX Kenya, taking place from May 19-21, the company highlighted how AI technologies are increasingly being exploited by cybercriminals through deepfake fraud, AI-powered social engineering campaigns and the growing use of unregulated AI tools within organisations.

According to Kaspersky, businesses across the region are facing a more complex threat landscape as AI becomes more integrated into everyday operations.

“As organisations in Kenya and the wider region accelerate digital transformation, cybersecurity is becoming a board-level priority. We are seeing growing awareness that innovation and security must develop hand in hand. Industry events such as GITEX play an important role in this process by helping businesses better understand both the impressive opportunities AI and digital technologies create, and the precautions needed to manage the evolving cyber risks that come with them,” says Chris Norton.

The company’s latest data shows that cyberattacks continue to rise sharply across Kenya and Sub-Saharan Africa. In Kenya alone, password stealer attacks increased by 83% year-over-year in 2025, while spyware attacks recorded a similar 83% increase. Backdoor attacks rose by 25% during the same period.

Across Sub-Saharan Africa, password stealer attacks increased by 56%, spyware attacks by 53%, and backdoor attacks by 8%.

Kaspersky also noted that exploit attacks remain a major concern despite a slight decline, largely due to the unauthorised access they provide to systems. Ransomware continues to be a significant threat as well, with 7.62% of organisations in Africa reportedly experiencing ransomware detections in 2025.

The company further warned about the continued growth of Advanced Persistent Threats (APTs), which remain among the most dangerous cybersecurity risks facing enterprises. According to Kaspersky Security Services Global Report, APT groups were detected and blocked in 21% of customers in 2025 and accounted for 23% of all high-severity incidents globally.

Kaspersky experts say cybercriminals are increasingly using AI throughout the attack chain, including during reconnaissance, phishing campaigns, malware development and vulnerability testing. The company also warned that malicious actors are disguising malware as AI tools to trick users into downloading harmful software capable of stealing sensitive information.

Among the key concerns highlighted was the rapid spread of deepfakes and AI-generated fraudulent content, which is making it increasingly difficult for users to distinguish authentic content from manipulated material.

The company also pointed to vulnerabilities within AI systems themselves, including risks linked to “unintended memorisation”, where AI models retain fragments of sensitive information that could later be extracted by attackers. Other concerns include tampered training datasets, malicious code injection and vulnerabilities within AI-powered platforms.

Kaspersky additionally raised concerns around the rise of AI agents — systems capable of autonomously performing tasks on behalf of users. According to the company, these systems could become targets for manipulation through adversarial content or poorly configured autonomy settings, potentially resulting in harmful actions.

Another emerging risk identified by the company is “Shadow AI”, where employees use publicly available AI tools without the knowledge or approval of IT departments.

A recent Kaspersky study titled “Cybersecurity in the workplace: Employee knowledge and behaviour” found that 87.8% of professionals surveyed in Kenya use AI tools for work-related tasks such as text editing, email writing, analytics and content creation. However, only 35% said they had received cybersecurity training related to AI use.

The survey, conducted in 2025 by research agency Toluna on behalf of Kaspersky, included 2,800 employees and business owners across Kenya, South Africa, Egypt, Saudi Arabia, the UAE, Türkiye and Pakistan.

To address the growing risks, Kaspersky is urging organisations to establish clear AI governance policies, define approved AI tools and implement regular employee training focused on secure AI usage and the identification of fake AI services and malicious links.

The company also recommends that organisations adopt broader cybersecurity strategies combining advanced security technologies, threat intelligence, internal governance and continuous staff education.

For individual users, Kaspersky advises caution when using AI-powered platforms, including reviewing privacy settings, verifying the legitimacy of AI applications and carefully checking AI-generated information before acting on it.

The company is showcasing its cybersecurity solutions, including AI-powered security technologies, at Stand B10 in Hall 2 during GITEX Kenya.