Kaspersky detects 14mn local malware incidents in Sri Lanka in 2025

Sri Lanka experienced 14,960,244 local malware incidents on user computers during 2025, with 37.4 percent of users in the country attacked by threats spread through removable USB drives, CDs, DVDs and other offline methods, according to the latest Kaspersky Security Bulletin. 

This places Sri Lanka in the 48th position worldwide for local threat exposure.

The data from Kaspersky Security Network for the January-December 2025 period reveals that local infection vectors remain a significant challenge for Sri Lankan users and organisations, particularly in environments where shared removable media remains common practice. “Local threats continue to pose a persistent risk to users in Sri Lanka,” said Kaspersky Head of Sales for Asia Emerging Countries Sam Yan. 

“While much attention focuses on internet-based attacks, offline infection methods through USB drives and other removable media remain a critical vulnerability, especially in workplaces and educational institutions where such devices are frequently shared.” 

The report highlights that worms and file viruses account for the majority of local infection incidents. These infections typically occur through removable storage devices that have been compromised, often spreading silently across multiple systems before detection. Unlike web-based threats that require internet connectivity, local malware can propagate entirely through physical media transfer.

Protection against local threats requires a comprehensive security approach that extends beyond traditional antivirus capabilities. Effective defence demands integrated firewalls, anti-rootkit technologies and strict control over the use of removable devices. These multiple layers of security help detect, contain and prevent malware from spreading through offline media while minimising the risk of system compromise.

The global threat landscape in 2025 saw significant increases in specific malware categories. Kaspersky’s detection systems discovered an average of 500,000 malicious files per day throughout 2025, marking a 7 percent increase compared to 2024. Notably, password stealer detections surged by 59 percent globally, spyware detections grew by 51 percent and backdoor detections increased by 6 percent year-over-year. In the Asia Pacific region specifically, password stealers increased by 132 percent and spyware rose by 32 percent, reflecting heightened cybercriminal activity targeting user credentials and sensitive information across the region. “The data from Sri Lanka indicates that local infections remain a critical part of the security picture,” Yan added. 

“Organisations must adopt a comprehensive cybersecurity posture that includes robust endpoint protection combined with device management policies to limit the risks posed by physical media transfer.”

Kaspersky recommends several protective measures for individuals and organisations. Users should avoid connecting unknown USB drives or other removable media to their computers, keep all software updated with the latest security patches and use reliable security solutions such as Kaspersky Premium for comprehensive protection.

Organisations should implement strict policies governing the use of removable devices, ensure all endpoints have up-to-date security software with real-time protection enabled, regularly back up critical data to isolated systems and deploy advanced security products like Kaspersky Next for comprehensive visibility across corporate infrastructure.

“As Sri Lanka continues to expand its digital footprint, the threat landscape evolves and demands robust cybersecurity defences across both online and offline attack vectors,” Yan concluded. 

“Kaspersky provides a range of solutions designed to protect users from both web-based and local threats, enabling safer technology use in homes and workplaces alike.”