Sri Lanka is facing a silent cyber crisis as millions of malware attacks spread through everyday devices, exposing deep vulnerabilities beyond the internet.
Sri Lanka recorded more than 3.9 million local malware incidents in the third quarter of 2025 alone, with nearly a quarter of users affected by offline cyber threats, according to new data released by Kaspersky. The findings point to a growing but often overlooked risk in the country’s digital environment, driven largely by the continued use of removable storage devices.
The report shows that 23.2 percent of Sri Lankan users encountered malware infections spread through offline vectors such as USB drives, CDs, and DVDs. This places Sri Lanka 53rd globally for exposure to locally distributed malware. Unlike online cyberattacks that exploit internet connections, these infections are typically caused by worms and file-based viruses transmitted through physical media.
Despite the country’s rapid adoption of cloud services and online platforms, device sharing remains widespread across offices, schools, and homes. This reliance on removable media has emerged as a critical weakness for both individuals and organisations, allowing malware to bypass traditional network-based security measures.
Kaspersky Managing Director for Asia Pacific Adrian Hia warned that focusing only on online threats creates a dangerous blind spot. “Organisations need to employ multi-layered protection strategies that include antivirus, firewall and device control to effectively combat these threats and safeguard their networks,” he said, highlighting the need for stronger endpoint security and stricter device policies.
The data was released at a crucial moment for Sri Lanka’s cyber governance framework. Just days earlier, the Sri Lanka Computer Emergency Readiness Team held a stakeholder consultation on ratifying the UN Convention Against Cybercrime, aimed at strengthening the country’s legal and institutional response to digital threats.
These efforts align with the government’s newly approved National Cyber Security Strategy 2025–2029, which focuses on protecting critical information infrastructure amid an increasingly complex threat environment. Earlier reports also revealed a 25 percent rise in attacks targeting vulnerable Windows drivers during the first quarter of the year, underscoring the growing sophistication of cybercriminal activity.
Although Sri Lanka’s infection rate remains lower than high-risk countries such as Turkmenistan and Tajikistan, where rates exceed 30 percent, the sheer volume of incidents serves as a serious warning. As digital adoption accelerates, experts stress that businesses must move beyond basic antivirus tools and implement comprehensive device management and security controls to reduce the risks posed by offline malware.
