Until the .ke top level domain is signed, we can't really trust the identify of any site under .ke that doesn't use an SSL certificate (i.e. the regular google.co.ke without "https").
That seems to make sense. They need to get it signed pronto, especially considering how popular the domain actually is. Aside: do you find it strange .co.ke brought together spells Coke?
http://stats.research.icann.org/dns/tld_report/
I'm pretty confident that Google's systems weren't cracked and that this was something like a DNS attack on one of the ISPs or similar.
Does anybody have any more information?