On-Device Cyber Threats Against Indian Businesses on the Rise: Kaspersky On-device threats that spread through offline methods rely on physical media, such as USB drives, external hard disks, or other removable storage, to infect target systems with malicious software.
You're reading Entrepreneur India, an international franchise of Entrepreneur Media.
Global cybersecurity and data privacy firm Kaspersky detected and prevented nearly 2 crore on-device malware attacks targeting businesses in India in 2024.
The company stated that as businesses increasingly focus on securing their online networks, "a lesser-known but equally dangerous threat is gaining traction: attacks via various 'offline' methods, such as USB drives and removable media".
There is an urgent need for organizations to strengthen their defenses against attacks originating from USB drives and removable media, the company added.
On-device threats that spread through offline methods rely on physical media, such as USB drives, external hard disks, or other removable storage, to infect target systems with malicious software. Unlike conventional cyberattacks that depend on internet access, these threats take advantage of users' trust in physical devices, making them especially insidious and harder to detect.
"Last year, our researchers discovered a secure USB drive, designed by a government agency for secure file storage and transfer in high-sensitivity environments, had been compromised. The drive's access management software was infected with malicious code, which was engineered to steal confidential data from the secure partition. The malware also functioned as a USB worm, propagating itself to other compatible drives and amplifying the risk of widespread infection. This is a real example of the danger each local threat can pose to organizations and businesses," said Jaydeep Singh, General Manager, India, Kaspersky.
Between January and December 2024, Kaspersky solutions deployed by businesses across SEA blocked a total of 1,95,47,644 local threats. This marks a 12% increase compared to the nearly 1.75 crore offline attacks detected in 2023.
"Local threats, such as malware delivered via USB drives or removable media, are among the most dangerous cybersecurity risks businesses face today. These attacks bypass traditional online defences, exploit human curiosity, and can rapidly spread across networks, leading to data breaches, operational disruptions, and significant financial losses. Businesses must prioritize protecting against these threats, as they often target the weakest link in cybersecurity—human behaviour—and can cause irreparable damage to both reputation and operations," added Singh.
