- Advertisement -
ISLAMABAD, Nov 15 (APP): Kaspersky has urged people in Pakistan to stay alert online and follow basic cyber-hygiene practices to protect themselves.
After participating in the CTI Summit 2025 in Islamabad, the global cybersecurity company released new data on the country’s cyberthreat landscape and shared practical safety advice.
Kaspersky’s Global Security Expert, Dmitry Berezin, said Pakistan continues to face serious cyber risks, including exploits, ransomware, and advanced targeted attacks. He told reporters that organisations must understand how fast cyberthreats are growing and becoming more sophisticated.
Kaspersky recorded more than 5.3 million on-device attacks in Pakistan between January and September 2025.
About 27 percent of users and 24 percent of corporate networks were exposed to malware spread through infected USBs, CDs, DVDs, and hidden installers.
These included ransomware, worms, trojans, backdoors, spyware, and password-stealing tools.
During the same period, Kaspersky blocked over 2.5 million web-based attacks. Around 16 percent of users and 13 percent of companies faced threats such as phishing, botnets, exploits, Remote Desktop Protocol attacks, and fake Wi-Fi networks.
A closer breakdown showed more than 354,000 exploitation attempts were stopped, along with 166,000 cases of banking malware, 126,000 spyware attacks, 113,000 backdoors, and 107,000 password stealers. Ransomware, which usually targets specific high-value victims rather than the public at large, was detected 42,000 times.
The most exploited vulnerabilities included two recently discovered issues in 2025 in 7-Zip, along with older flaws in Microsoft Office, HTML, WinRAR, VLC Player, and Notepad++. Kaspersky said this highlights the importance of timely software updates for both individuals and organisations.
Ransomware remains one of the biggest causes of corporate cyber incidents in Pakistan and globally.
Attackers often focus on government departments and large enterprises. Kaspersky said that strong defence requires a mix of preventive and response steps, including regular patching, strong authentication, limited remote access, and the use of Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) tools. Regular data backups and continuous staff training are also essential to reduce phishing-related risks.
Kaspersky also revealed that Pakistan is currently targeted by seven Advanced Persistent Threat (APT) groups. These groups—both old and newly emerging—focus on telecom and financial sectors, critical infrastructure, and government organisations, and are expanding into commercial industries as well.
APT groups frequently change their methods. Kaspersky monitored a recent campaign by an APT group known as “Mysterious Elephant,” which targets organisations across the Asia-Pacific region.
The group aims to steal sensitive files, images, documents, and even WhatsApp data. In 2025, the attackers used exploit kits, personalised spear-phishing emails, and malicious documents to break into specific networks. Once inside, they used various tools to increase their access, move within the system, and steal confidential data.
Berezin said some threats are widespread, while others are highly targeted.
He noted that zero-day vulnerabilities are often used in attacks linked to ransomware and APT groups. Understanding which threats are active in the region, he added, helps organisations adjust their security controls in advance.
Kaspersky advised individuals to learn basic cyber-safety principles, use trusted security tools like Kaspersky Premium, install updates regularly, and back up important data.
For organisations, it recommended assessing their IT systems, using strong protection tools from endpoint to XDR, accessing threat intelligence, updating cybersecurity policies, and training employees through platforms such as Kaspersky Security Awareness.