The first quarter of 2025 showed that Turkiye and Kenya had the highest number of users affected by web incidents (online threats). They were followed by Qatar, Nigeria and South Africa.
Saudi Arabia had the lowest while Pakistan had the second lowest share of users attacked by web-born threats in the META region.
Kaspersky experts constantly track highly sophisticated attacks. Specifically, they are monitoring 25 APT groups currently active in the META region, including well-known ones such as SideWinder, Origami Elephant and MuddyWater.
The rise of creative exploits for mobile and the further development of techniques aimed at evading detection are among the trends Kaspersky is seeing in these targeted attacks.
Ramsomware remains one of the most destructive cyberthreats. According to Kaspersky data, the share of users affected by ransomware attacks increased 0.02 percentage point to 0.44% from 2023 to 2024 globally.
In the Middle East, the growth is 0.07 percentage point to 0.72%, in Africa, there was a 0.01-percentage-point growth to 0.41% while Turkiye has a zero-percentage-point growth to 0.46%. Attackers often don’t distribute this type of malware on a mass scale, but prioritise high-value targets.
In 2025, ransomware is expected to evolve by exploiting unconventional vulnerabilities. The proliferation of large language models (LLMs) tailored for cybercrime will further amplify the ransomware’s reach and impact.
“Ransomware is one of the most pressing cybersecurity threats facing organisations today, with attackers targeting businesses of all sizes and across every region, including META. Ransomware groups continue to evolve by adopting techniques, such as developing cross-platform ransomware, embedding self-propagation capabilities and even using zero-day vulnerabilities that were previously affordable only for APT actors,” said Sergey Lozhkin, Head of META and APAC regions in the Global Research and Analysis Team at Kaspersky.