Pakistan Hit by 5.3 Million Cyber Attacks in 2025: Kaspersky

Islamabad, November 15, 2025 — Pakistan experienced over 5.3 million on-device cyber-attacks between January and September 2025, according to new data released by Kaspersky following the CTI Summit 2025 in Islamabad.

The cybersecurity firm has urged users and organisations across the country to strengthen digital safety and adopt essential cyber-hygiene practices.

Kaspersky’s Global Security Expert, Dmitry Berezin, warned that Pakistan continues to face serious and fast-evolving cyber risks, including exploits, ransomware, and advanced targeted attacks. He stressed the need for organisations to recognise the speed at which cyberthreats are growing in scale and sophistication.

The company reported that 27% of individual users and 24% of corporate networks encountered malware spread through infected USBs, CDs, DVDs, and hidden installers. These threats included ransomware, trojans, worms, backdoors, spyware, and password-stealing tools.

During the same period, Kaspersky blocked over 2.5 million web-based attacks, with 16% of users and 13% of organisations facing phishing attempts, botnets, Remote Desktop Protocol attacks, exploit kits, and fake Wi-Fi networks. A detailed breakdown showed 354,000 exploitation attempts, 166,000 banking malware cases, 126,000 spyware attacks, 113,000 backdoors, 107,000 password stealers, and 42,000 ransomware detections.

Kaspersky noted that attackers heavily exploited newly discovered 2025 vulnerabilities in 7-Zip, as well as older flaws in Microsoft Office, HTML, WinRAR, VLC Player, and Notepad++. The company emphasised the importance of timely updates and patching to reduce exposure.

Ransomware remains one of the most damaging threats for Pakistan’s corporate sector, frequently targeting government agencies and large enterprises. Kaspersky recommended layered defence strategies, including strong authentication, restricted remote access, updated systems, and advanced tools such as Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR). Regular backups and employee training were also highlighted as essential measures.

Kaspersky revealed that Pakistan is currently targeted by seven Advanced Persistent Threat (APT) groups, focusing on telecom, finance, critical infrastructure, government, and increasingly, commercial industries. One monitored campaign involved the APT group “Mysterious Elephant,” which launched spear-phishing and exploit-driven attacks to steal sensitive files, documents, images, and WhatsApp data across the Asia-Pacific region.

Berezin noted that cyberthreats in Pakistan range from widespread malware to highly targeted operations supported by zero-day vulnerabilities. Understanding these evolving risks, he added, enables organisations to better prepare their security strategies.

Kaspersky urged individuals to adopt basic cyber-safety practices, use trusted security software, install regular updates, and back up data. For organisations, it recommended conducting IT assessments, strengthening endpoint-to-XDR protection, accessing threat intelligence, updating cybersecurity policies, and training employees through platforms such as Kaspersky Security Awareness.