According to cybersecurity firm Kaspersky, Pakistan’s financial sector experienced a significant escalation in cyber threats in 2024, with financial malware and spyware attacks rising sharply.
Common cyber threats in the country now include ransomware, phishing schemes, and espionage-focused malware, which pose severe risks to the nation’s digital and financial systems.
Kaspersky reported a 114% year-on-year increase in banking and financial malware attacks between January and October 2024. These cyberattacks primarily target digital financial transactions, endangering both individuals and financial institutions.
A key trend observed is the growing focus on mobile devices, which are becoming increasingly vulnerable to financial cyberattacks, a trend projected to persist into 2025.
During the Cyber Threat Intelligence Summit, Kaspersky experts provided insights into the evolving global cyber threat landscape, with a specific focus on Pakistan. The summit revealed the activities of advanced persistent threat (APT) groups such as Lazarus and SideWinder, which have been carrying out sophisticated espionage campaigns.
Ransomware remains one of the most disruptive threats, with attackers using malware to encrypt data and demand payments for decryption keys. Such attacks can paralyze operations, resulting in data loss or prolonged system downtimes. Experts at Kaspersky predict the continued rise of ransomware-as-a-service operations in 2025.
Data from Kaspersky’s Security Network indicates that 13.7% of Pakistani users encountered web-based threats, such as phishing and malicious websites, during the third quarter of 2024. Additionally, 18.7% of users faced local threats, such as malware transmitted through USB devices and encrypted file installers, which bypass conventional security protocols.
Spyware attacks, which aim to collect and transmit unauthorized user data, have risen by 63% in 2024. These attacks have raised concerns for privacy and security, particularly in corporate and government institutions, with experts warning of potential misuse of stolen data in 2025.
The industrial sector has also emerged as a critical target, with 29.51% of industrial control system (ICS) computers in Pakistan being subjected to cyberattacks in the third quarter of 2024. Threats include malware such as spy trojans, keyloggers, and targeted attacks on software like AutoCAD, posing serious risks to key industries such as energy, utilities, and manufacturing.
