Dozens of official Kenyan government websites were knocked offline and defaced in a coordinated, widespread cyberattack on Monday morning.
The attack, which appears to be a large-scale defacement, affected websites across numerous ministries and key state agencies. Visitors to the compromised sites were met with white supremacist and neo-Nazi messages.
The high-profile websites targeted include: State House, Ministry of Interior, Ministry of Health, Ministry of Education, Ministry of Labour, Ministry of ICT, Ministry of Environment, Ministry of Tourism, Directorate of Criminal Investigations (DCI), Immigration Department, The Hustler Fund portal and Nairobi County.
Instead of their usual content, the hacked pages displayed messages including "We will rise again," "White power worldwide," and the neo-Nazi numeric code "14:88 Heil Hitler”.
While some of the sites appear to be back online at lunchtime, the breach left thousands of Kenyans unable to access routine government information and services from the affected portals.
As of time of publication, no group has claimed responsibility for the cyberattack. Neither has the government issued an official statement regarding the breach or provided a timeline for the restoration of the affected services.
This mass defacement occurs against a backdrop of a rapidly escalating and complex cyber threat landscape in Kenya. Recent data reveals a nation grappling with a high volume of attacks, even as it invests heavily in its cyber defences.
According to the latest quarterly reports from the Communications Authority of Kenya (CA) and its National Computer Incident Response Team (KE-CIRT/CC), between July and September 2025, the National KE-CIRT/CC detected over 842 million cyber threat events and issued more than 19 million cybersecurity advisories. This illustrates the constant, automated siege on the country's digital infrastructure.
Most of these threats are classified as system attacks, which typically exploit unpatched software, poor configurations, and weak credentials.
This incident marks one of the most significant defacement attacks on the Kenyan government's digital infrastructure, raising serious questions about the cybersecurity measures in place across various state agencies.
Share
