Pakistan faces around one million cyberattacks every month, according to a global cybersecurity company that has identified seven sophisticated threat groups targeting the country’s government, intelligence agencies, oil and gas sector, and private businesses. These cyber threats aim to steal sensitive data from devices like computers, laptops, and smartphones, often by way of unsecured Wi-Fi networks.
In just the first nine months of this year, over 5.3 million malware incidents were detected on devices in Pakistan, with an additional 2.5 million web threats identified during the same period. Stolen data is frequently sold on the dark web for various malicious purposes. The financial sector, including banks and insurance companies, also suffered attacks, though these institutions have been hesitant to disclose specific details.
During a media briefing, Dmitry Berezin, Kaspersky’s Global Security Expert, emphasized the ongoing threat landscape, which includes exploits, ransomware, and targeted attacks. He stressed that understanding these evolving risks is vital for organizations, and individuals should also practice basic cybersecurity hygiene.
Kaspersky’s data shows that roughly 27% of users and 24% of companies have encountered malware from infected USB drives, CDs, DVDs, or hidden installers. These threats include ransomware, worms, backdoors, Trojans, password stealers, and spyware. Furthermore, over 2.5 million web attacks were blocked, comprising phishing schemes, exploits, botnets, Remote Desktop Protocol attacks, and fake Wi-Fi networks.
Detailed malware statistics reveal that more than 354,000 exploitation attempts and 166,000 banking malware instances were stopped. Spyware attacks totaled approximately 126,000, backdoors 113,000, and password stealers 107,000. Ransomware, which often targets specific victims rather than spreading widely, was detected around 42,000 times.
Critical vulnerabilities in Pakistan include two from 2025 in 7-Zip and several from previous years affecting Microsoft Office, HTML, WinRAR, VLC Player, and Notepad++. This highlights the importance of timely updates for both individuals and organizations.
Globally and in Pakistan, ransomware continues to be a top cause of cyber incidents, especially targeting high-value government and corporate entities. Effective defenses require a combination of preventive measures and swift response strategies: rigorous patch management, strong authentication protocols, limited remote access, deployment of endpoint detection and response (EDR) and extended detection and response (XDR) tools like Kaspersky’s Next line, regular backups, and ongoing user awareness to combat phishing attempts.
The cybersecurity firm also reports that Pakistan is a focus for seven APT (advanced persistent threat) groups, which frequently adapt their tactics to target telecoms, financial institutions, critical infrastructure, defense, and government agencies. These groups often employ new methods, exemplified by the “Mysterious Elephant” campaign, which primarily targets organizations in the Asia-Pacific region, including Pakistan. Their tactics include exploit kits, personalized spear-phishing emails, and malicious documents designed to exfiltrate sensitive information, such as documents, images, archived files, and WhatsApp data.
Berezin pointed out that some threats are broad while others are highly targeted, with cybercriminals exploiting zero-day vulnerabilities as part of ransomware and APT attacks. Staying informed about active threats enables organizations to fine-tune security measures proactively.
Individuals are advised to prioritize cyber hygiene—regularly updating devices, securing them with reliable solutions, and backing up important data. Organizations should assess their IT infrastructure, implement comprehensive security solutions like endpoint protection, threat intelligence, cybersecurity policies, and employee training through platforms like Kaspersky Security Awareness.



