Spyware attacks increased by 300% in Pakistan
Spyware attacks in Pakistan witnessed an alarming surge in the first quarter of 2024, escalating by a staggering 300% compared to the same period in 2023, signalling a growing menace of espionage and data infiltration. According to findings by the Kaspersky Managed Detection and Response (MDR) team, the frequency of high-severity incidents involving direct human engagement surpassed two per day in 2023, underscoring the severity of the situation. The latest report by Kaspersky sheds light on the alarming trend cutting across various industries, with the financial, IT, government, and industrial sectors emerging as the primary targets.
A comparative analysis of cyberattack statistics between the first quarters of 2023 and 2024 in Pakistan presents a nuanced picture of evolving threats. Kaspersky telemetry indicates a moderate rise in backdoor attacks in 2024, underscoring persistent vulnerabilities in the country’s digital infrastructure. However, there’s a silver lining as banking malware attacks registered a decline of over 50% from 2023. Yet, these fluctuations underscore the critical need for continuous enhancement of cybersecurity measures to safeguard Pakistan’s digital landscape from an array of dynamic threats. According to the report, 22.9% of all detected high-severity incidents were recorded in the government sector. IT companies came second (15.4%), closely followed by financial and industrial companies that reported 14.9% and 11.8% of incidents respectively. The annual report provides information about the reported incidents, their nature, and their distribution by industry and geographic region. It also highlights the most common tactics, techniques and tools attackers used in the past year.
These results are based on an analysis of MDR incidents detected by the Kaspersky Security Operations Centre (SOC). Regarding the nature of these incidents, nearly 25% of them were driven by humans. The percentage of malware attacks resulting in serious consequences dipped slightly in 2023 compared to previous years, accounting for just over 12% of the total reported critical incidents.
This decline represents the smallest share of highseverity incidents in recent years and can be attributed to the “commoditisation of attacks”.
The 2023 MDR’S report, also found that the proportion of incidents involving the detection of targeted attack artefacts, publicly available critical vulnerabilities and the use of social engineering was around 4-5%. “In 2023, Kaspersky detected a smaller number of high-severity incidents, but observed a simultaneous increase in the number of medium and low-severity ones”, said Hafeez Rehman, Technical group manager at Kaspersky.
It’s important to understand that the low number of high-severity incidents does not necessarily indicate low damage. Targeted attacks are now planned more carefully, and become more dangerous. “Therefore, we recommend the use of effective automated cybersecurity solutions managed with the help of experienced SOC analysts,” he added.