Islamabad (TDI): According to data shared by global cybersecurity company Kaspersky, over 5.3 million on-device attacks were detected in Pakistan in the first three quarters of 2025 (January-September).
27% of all users and 24% of corporate entities faced malware delivered via infected USB drives, CDs, DVDs, and hidden installers, including ransomware, worms, backdoors, trojans, password stealers, and spyware.
These statistics were shared by the company during a media briefing session led by Dmitry Berezin, Kaspersky’s Global Security Expert, where he focused on pressing cyberthreats facing the country, including exploits, ransomware and advanced targeted attacks.
Understanding the growing and increasingly sophisticated cyberthreat landscape is crucial for organizations, while individuals should also stay aware and follow fundamental cyber hygiene principles, Kaspersky advises.
In the first three quarters of 2025, over 2.5 million web attacks were blocked by Kaspersky solutions: 16% of all users and 13% of corporate entities faced web-based threats, which include phishing scams, exploits, botnets, Remote Desktop Protocol attacks, and network spoofing, such as fake Wi-Fi networks.
More detailed statistics by malware type showed over 354,000 exploitation attempts stopped by Kaspersky solutions, 166,000 banking malware detections, 126,000 spyware attacks prevented, and 113,000 backdoors and 107,000 password stealers blocked.
Ransomware attacks, which are not characterized by mass distribution but are targeted at specific victims, were detected 42,000 times.
Top exploited vulnerabilities in Pakistan included two from 2025 in 7-Zip and several from previous years in Microsoft Office, HTML, WinRAR, VLC player and Notepad++. This underscores the importance of timely updates by both individuals and organizations.
Furthermore, ransomware remains a leading cause of corporate cyber incidents globally and in Pakistan, with targeted groups selecting high-value victims across government and enterprise.
Effective defense requires a combination of prevention and response actions. These include adopting rigorous patching, strong authentication, restricted remote access, deployment of endpoint detection and response (EDR) and extended detection and response (XDR) solutions such as those from the Kaspersky Next product line, regular backups, and continuous user awareness to mitigate phishing-driven initial access.
Kaspersky shared that Pakistan is a focus for seven Advanced Persistent Threat (APT) groups. These groups, both established and emerging, target telecoms and financial services, critical infrastructure, defense, and government entities, while also extending their reach into commercial and emerging industries.
APT groups quickly adapt their tactics, techniques, and procedures. One example of a significant shift in tactics is seen in a recent targeted campaign, monitored by Kaspersky, by the APT group called ‘Mysterious Elephant’, which primarily targets organizations across the Asia-Pacific region, including in Pakistan.
The group aims to steal highly sensitive information, including documents, images, and archived files, with WhatsApp data targeted for exfiltration. In their 2025 campaign, the attackers use a combination of exploit kits, personalized spear-phishing emails, and malicious documents, tailoring each attack to specific victims to gain initial access.
Once inside the network, the threat actor employs a variety of tools and techniques to escalate privileges, move laterally, and exfiltrate sensitive data.
“Some threats are distributed widely, while others are highly focused. For example, exploitation of 0-day vulnerabilities is a tactic that is used by sophisticated cybercriminals in attacks such as ransomware and advanced persistent threats,” commented Dmitry Berezin, Kaspersky’s Global Security Expert.
“Understanding the threat landscape becomes an operational necessity: when you know which threats are active in the region, you can fine-tune the security controls to be proactively protected against them.”
Established in December 2008, The Diplomatic Insight is Pakistan’s premier diplomacy and foreign affairs magazine, available in both digital and print formats.



