Kaspersky detects 14 million local malware incidents in Sri Lanka in 2025

Sri Lanka experienced 14,960,244 local malware incidents on user computers during 2025, with 37.4% of users in the country attacked by threats spread through removable USB drives, CDs, DVDs and other offline methods, according to the latest Kaspersky Security Bulletin. This places Sri Lanka in the 48th position worldwide for local threat exposure.

The data from Kaspersky Security Network (KSN) for the January-December 2025 period reveals that local infection vectors remain a significant challenge for Sri Lankan users and organizations, particularly in environments where shared removable media remains common practice.

“Local threats continue to pose a persistent risk to users in Sri Lanka,” said Sam Yan, Head of Sales for Asia Emerging Countries at Kaspersky. “While much attention focuses on internet-based attacks, offline infection methods through USB drives and other removable media remain a critical vulnerability, especially in workplaces and educational institutions where such devices are frequently shared.” 

The report highlights that worms and file viruses account for the majority of local infection incidents. These infections typically occur through removable storage devices that have been compromised, often spreading silently across multiple systems before detection. Unlike web-based threats that require internet connectivity, local malware can propagate entirely through physical media transfer.

Protection against local threats requires a comprehensive security approach that extends beyond traditional antivirus capabilities. Effective defense demands integrated firewalls, anti-rootkit technologies, and strict control over the use of removable devices. These multiple layers of security help detect, contain, and prevent malware from spreading through offline media while minimizing the risk of system compromise.

The global threat landscape in 2025 saw significant increases in specific malware categories. Kaspersky’s detection systems discovered an average of 500,000 malicious files per day throughout 2025, marking a 7% increase compared to 2024. Notably, password stealer detections surged by 59% globally, spyware detections grew by 51%, and backdoor detections increased by 6% year-over-year.

In the Asia Pacific region specifically, password stealers increased by 132% and spyware rose by 32%, reflecting heightened cybercriminal activity targeting user credentials and sensitive information across the region.

“The data from Sri Lanka indicates that local infections remain a critical part of the security picture,” Yan added. “Organizations must adopt a comprehensive cybersecurity posture that includes robust endpoint protection combined with device management policies to limit the risks posed by physical media transfer.”

Kaspersky recommends several protective measures for individuals and organizations. Users should avoid connecting unknown USB drives or other removable media to their computers, keep all software updated with the latest security patches, and use reliable security solutions such as Kaspersky Premium for comprehensive protection.

Organizations should implement strict policies governing the use of removable devices, ensure all endpoints have up-to-date security software with real-time protection enabled, regularly back up critical data to isolated systems, and deploy advanced security products like Kaspersky Next for comprehensive visibility across corporate infrastructure.

“As Sri Lanka continues to expand its digital footprint, the threat landscape evolves and demands robust cybersecurity defenses across both online and offline attack vectors,” Yan concluded. “Kaspersky provides a range of solutions designed to protect users from both web-based and local threats, enabling safer technology use in homes and workplaces alike.”