Published:  08:49 PM, 30 November 2025

The Escalating Cybersecurity Crisis in Pakistan

On the fourteenth of this month, global cybersecurity firm Kaspersky announced that Pakistan had experienced more than 5.3 million cyberattacks in the first three quarters of the year, warning that the country’s digital ecosystem is facing unprecedented risks from malware, ransomware, phishing, and advanced targeted attacks.

Kaspersky’s announcement at the 8th International Cyber Threat Intelligence (CTI) Conference & Expo 2025 on 13-14 November in Islamabad laid bare the scale of Pakistan’s vulnerability. The report revealed that 27% of Pakistani users and 24% of corporate entities encountered malware infections, often spread through infected USB drives, CDs, DVDs, and hidden installers. These included ransomware, worms, backdoors, trojans, password stealers, and spyware.

According to its findings, Pakistan witnessed over 5.3 million on‑device attacks and 2.5 million web‑based threats between January and September 2025. More than 2.5 million web-based attacks were blocked during the same period, while phishing attempts, botnet activity, and fake Wi-Fi attacks surged across the country. Phishing scams, botnets, Remote Desktop Protocol attacks, and fake Wi‑Fi networks were among the most common tactics, affecting 16 percent of users and 13 percent of corporate entities.

The sophistication of these attacks reflects a broader global trend: cybercriminals are deploying increasingly advanced tools, often exploiting weaknesses in everyday digital practices.

These figures underscore the gravity of the challenge: government organizations, corporate entities, and critical sectors such as oil and gas are increasingly targeted by Advanced Persistent Threats (APTs) designed to steal vital information and disrupt operations. Experts cautioned that the increasing sophistication of cybercriminal tactics demands heightened vigilance and stronger security practices across all sectors.

During the briefing, Dmitry Berezin, Kaspersky’s Global Security Expert, highlighted the pressing dangers facing Pakistan. He pointed to exploits, ransomware, and advanced targeted attacks as the most significant risks.

Pakistan’s rapid embrace of online financial transactions has created new opportunities for growth but also new vulnerabilities. Alarmingly, it is estimated that every 30 seconds, someone in Pakistan falls victim to identity theft. Citizens frequently receive fraudulent calls, messages, and emails requesting sensitive information such as CNIC numbers, bank account details, and passcodes. These scams erode trust in digital platforms and expose individuals to financial ruin.

Globally, the scale of cybercrime is staggering. Damages amounted to $8 trillion in 2023, with projections suggesting this figure will rise to $10.5 trillion by 2025. Cybercrime has effectively become the world’s third‑largest “economy,” trailing only the United States and China. Pakistan, as part of this global ecosystem, is deeply affected by these trends.

Earlier in 2025, Kaspersky reported that nearly 8,500 users from small and medium‑sized businesses (SMBs) in Pakistan had faced cyberattacks. Malicious software was disguised as popular productivity tools, such as Zoom and Microsoft Office, tricking unsuspecting employees into downloading harmful files.

The widespread adoption of artificial intelligence (AI) and machine learning has further complicated the threat landscape. Cybercriminals now exploit AI‑based services such as ChatGPT and DeepSeek, using them as lures to perpetrate attacks. These developments highlight how technological progress, while offering immense benefits, also equips malicious actors with sophisticated new tools.

Pakistan has already suffered several high‑profile breaches. In May 2025, the login credentials and passwords of over 180 million internet users were stolen in a global data breach, exposing nearly the entire online population to exploitation. Earlier, in March 2024, a Joint Investigation Team (JIT) found that 2.7 million citizens’ credentials had been compromised between 2019 and 2023 in a leak from the National Database and Registration Authority (NADRA).

Critical infrastructure has also been targeted. On August 6, 2025, Pakistan Petroleum Limited (PPL) faced a ransomware attack on its IT systems. The attacker, identifying himself as “Blue Locker,” issued a ransom note, underscoring the vulnerability of the energy sector to cyber extortion. Such incidents demonstrate that cyberattacks are not limited to individuals or small businesses; they threaten the very backbone of Pakistan’s economy.

Recognizing the severity of the threat, the National Cyber Emergency Services Response Team (PKCERT) issued data protection guidelines on August 20, 2025. These advisories, aimed at organizations handling citizens’ personal information, prescribed immediate, medium‑, and long‑term measures. Recommendations included classifying data sets based on sensitivity, adopting advanced encryption methods, and implementing multi‑factor authentication. While these steps mark progress, the scale of the challenge demands far more comprehensive and coordinated action.

The consequences of cybersecurity breaches are profound. For individuals, compromised credentials mean identity theft, financial fraud, and privacy violations. For businesses, breaches disrupt operations and erode customer trust. For the state, the stakes are even higher: compromised data undermines governance, weakens national security, and damages institutional credibility. The NADRA leak exemplifies how breaches at critical institutions can jeopardize the integrity of national systems.

As Pakistan hosts its 8th International Cyber Threat Intelligence (CTI) Conference & Expo 2025, Kaspersky’s November announcement underscores the urgent reality that the country’s digital economy is under sustained attack. For businesses, the implications go far beyond data breaches: unchecked cyber threats can erode customer trust, disrupt operations, and weaken competitiveness in global markets. The challenge is not simply to patch vulnerabilities after each incident, but to embed cybersecurity into the core of corporate strategy, investing in advanced safeguards, cultivating skilled talent, and fostering a culture of digital resilience.

(By Vaishali Basu Sharma)

>> Source: The Khaama Press


