A cyberattack on **Monday, [date not specified]**, targeted multiple high-profile Kenyan government ministry websites, including the **Ministries of Interior, Health, Education, Energy, Labour, and Water**. The attack defaced these platforms with **racist and white supremacist messages** (e.g., *“We will rise again,” “White power worldwide,” “14:88 Heil Hitler”*), disrupting public access for hours. The intrusion was attributed to a group identifying itself as **‘PCP@Kenya’**, though no formal claim of responsibility was made. While **no sensitive financial data or core government systems were compromised**, the incident exposed vulnerabilities in Kenya’s **public-sector digital infrastructure**, prompting an urgent response from national cybersecurity teams (KE-CIRT). The attack was **contained quickly**, with systems restored and placed under continuous monitoring. However, the defacement of **six key ministries’ websites**—critical for public services—raised concerns about **reputational damage, public trust erosion, and potential future exploits**. No evidence linked the attack to broader regional coordination, though it followed a **Somalia e-Visa breach** reported 24 hours prior.
Source: https://thecyberexpress.com/government-of-kenya-cyberattack/
Government of Kenya cybersecurity rating report: https://www.rankiteo.com/company/gok-government-of-kenya
"id": "GOK3562035111825",
"linkid": "gok-government-of-kenya",
"type": "Cyber Attack",
"date": "11/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'customers_affected': 'Citizens and users of ministry '
'websites',
'industry': 'Public Sector',
'location': 'Kenya',
'name': 'Government of Kenya',
'type': 'Government'},
{'industry': 'Public Sector',
'location': 'Kenya',
'name': 'Ministry of Interior (Kenya)',
'type': 'Government Ministry'},
{'industry': 'Healthcare',
'location': 'Kenya',
'name': 'Ministry of Health (Kenya)',
'type': 'Government Ministry'},
{'industry': 'Education',
'location': 'Kenya',
'name': 'Ministry of Education (Kenya)',
'type': 'Government Ministry'},
{'industry': 'Energy',
'location': 'Kenya',
'name': 'Ministry of Energy (Kenya)',
'type': 'Government Ministry'},
{'industry': 'Labor',
'location': 'Kenya',
'name': 'Ministry of Labour (Kenya)',
'type': 'Government Ministry'},
{'industry': 'Utilities',
'location': 'Kenya',
'name': 'Ministry of Water (Kenya)',
'type': 'Government Ministry'}],
'date_detected': '2023-11-13T00:00:00Z',
'date_publicly_disclosed': '2023-11-13T00:00:00Z',
'description': 'The Government of Kenya cyberattack on Monday morning left '
'several ministry websites defaced with racist and white '
'supremacist messages, disrupting access for hours. The attack '
'targeted high-profile platforms, including the ministries of '
'Interior, Health, Education, Energy, Labour, and Water. Users '
"encountered extremist messages such as 'We will rise again,' "
"'White power worldwide,' and '14:88 Heil Hitler.' The "
"suspected group, 'PCP@Kenya,' is under investigation. The "
'incident was contained, and systems were placed under '
'continuous monitoring. No sensitive financial data or core '
'government systems were compromised.',
'impact': {'brand_reputation_impact': 'High (due to racist and extremist '
'messaging on government platforms)',
'downtime': 'Several hours',
'operational_impact': 'Temporary inaccessibility of public-facing '
'ministry websites; extremist messages '
'displayed to users',
'systems_affected': ['Ministry of Interior website',
'Ministry of Health website',
'Ministry of Education website',
'Ministry of Energy website',
'Ministry of Labour website',
'Ministry of Water website']},
'investigation_status': "Ongoing (suspected group 'PCP@Kenya' under "
'investigation; no formal claim of responsibility)',
'motivation': ['Hate Speech', 'Racism', 'White Supremacy', 'Disruption'],
'references': [{'date_accessed': '2023-11-13',
'source': 'Government of Kenya Interior Ministry Statement'},
{'date_accessed': '2023-11-11',
'source': 'U.S. Embassy in Somalia Advisory'}],
'response': {'communication_strategy': ['Public statement by Interior '
'Ministry',
'Encouraging citizens to report '
'relevant information to National '
'KE-CIRT'],
'containment_measures': ['Securing affected systems',
'Restoring access to platforms'],
'enhanced_monitoring': True,
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'recovery_measures': ['Continuous monitoring to prevent further '
'disruption']},
'stakeholder_advisories': ['Citizens encouraged to report relevant '
'information to National KE-CIRT'],
'threat_actor': 'PCP@Kenya (suspected)',
'title': 'Government of Kenya Cyberattack with Defacement and Racist Messages',
'type': ['Defacement', 'Cyberattack', 'Website Disruption']}