The financial sector in Pakistan has experienced a significant rise in cyber threats during 2024, according to statistics released by global cybersecurity firm Kaspersky.
Data from the Kaspersky Security Network revealed that 13.7% of users in Pakistan faced web-based threats during the third quarter of 2024, including phishing attacks and malicious websites targeting sensitive user information. Additionally, 18.7% of users encountered local threats, such as malware spread through USB drives and encrypted file installers, which evade detection and compromise system security.
Speaking at the Cyber Threat Intelligence Summit in Islamabad, Kaspersky provided a detailed analysis of the growing cyber threat landscape in Pakistan. Financial malware and spyware attacks have seen a marked rise, posing serious risks to both individuals and institutions. Ransomware, phishing, and espionage-driven malware remain key threats, with Advanced Persistent Threat (APT) groups like Lazarus and SideWinder orchestrating sophisticated campaigns aimed at stealing sensitive data.
The financial sector has been particularly vulnerable, with a 114% increase in banking and financial malware attacks between January and October 2024 compared to the same period last year. These attacks primarily target digital financial operations, significantly endangering financial security. Kaspersky experts also flagged an alarming trend of rising financial cyberthreats on smartphones, a phenomenon expected to persist into 2025.
Spyware attacks in Pakistan surged by 63% during the first ten months of 2024. This type of malware gathers and transmits user data to unauthorized entities, raising critical privacy concerns for both corporate and government sectors. Experts warn that attacks exploiting stolen data could see a sharp increase in 2025.
Industrial Control Systems (ICS) also face mounting threats, particularly in critical infrastructure sectors such as energy, utilities, and manufacturing. According to Kaspersky, 29.51% of ICS computers in Pakistan were targeted by cyberthreats in Q3 2024. These attacks range from malicious scripts and phishing pages to more sophisticated malware designed to compromise operational technology systems.
“Pakistan’s rapid technological integration must be matched with robust cybersecurity measures,” said Dmitry Berezin, Kaspersky’s Global Security Expert. “Organizations need to adopt proactive, multi-layered cybersecurity frameworks, incorporating real-time threat intelligence, continuous monitoring, and incident response. Employee education is equally crucial. Individuals should use advanced security solutions and follow cybersecurity hygiene principles to protect their digital lives.”
As cyber threats grow increasingly complex, both institutions and individuals in Pakistan must prioritize cybersecurity to safeguard sensitive data and digital assets.