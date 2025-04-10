A total of 2,803 ransomware incidents were detected and blocked by Kaspersky cybersecurity solutions for businesses in Sri Lanka from January to December 2024.

The 6% growth in attacks highlights the persistent threat of ransomware to organizations across industries, reinforcing the need for a robust cybersecurity strategy.

Experts from the global cybersecurity company urge businesses of all sizes to strengthen their IT security posture, as targeted ransomware attacks continue to evolve into sophisticated operations with severe financial and reputational consequences.

In November 2024, Sri Lanka faced cyberattacks on major corporations and government entities. These incidents underscored the importance of strengthening the nation’s cybersecurity defenses, as attackers exploited vulnerabilities to steal sensitive information and potentially gain unauthorized access to critical systems.

“It’s clear that ransomware operators are targeting all industries in Sri Lanka. While the total number of attempts may seem moderate, organizations must recognize the devastating impact of even a single successful ransomware infection—both financially and reputationally. Businesses should invest in cybersecurity technologies that offer proven, absolute anti-ransomware effectiveness, as not all security solutions provide the same level of protection,” said Sam Yan, Head of Sales for Asia Emerging Countries at Kaspersky.

Kaspersky’s cybersecurity solutions, including Kaspersky Endpoint Security for Business, Kaspersky Small Office Security, and Kaspersky Standard, demonstrated 100% ransomware protection in 10 different real-life attack scenarios during regular Advanced Threat Protection assessments conducted by AV-TEST.

To combat ransomware and aid affected victims, Kaspersky continues its collaboration with Europol, the Dutch National Police, and other international cybersecurity stakeholders through the No More Ransom initiative, launched in 2016. This initiative provides free decryption tools, guidelines, and instructions for reporting cybercrimes worldwide.

As of the end of 2024, Kaspersky marked eight years as a key contributor to the No More Ransom initiative. Over this period, Kaspersky’s free decryption tools have expanded to cover 42 ransomware families, assisting over 2.3 million victims globally, as reported by Europol. These efforts underscore Kaspersky’s unwavering commitment to fighting ransomware and strengthening global cybersecurity resilience.

To protect yourself and your business from ransomware attacks, consider following the rules proposed by Kaspersky experts: Do not expose remote desktop/management services (such as RDP, MSSQL, etc.) to public networks unless absolutely necessary and always use strong passwords, two-factor authentication and firewall rules for them. Promptly install available patches for commercial VPN solutions providing access for remote employees and acting as gateways in your network. Always keep software updated on all the devices you use to prevent ransomware from exploiting vulnerabilities.

Focus your defense strategy on detecting lateral movements and data exfiltration to the Internet. Pay special attention to the outgoing traffic to detect cybercriminals’ connections. Back up data regularly with special attention to offline backup strategies. Make sure you can quickly access it in an emergency when needed. Avoid downloading and installing pirated software or software from unknown sources. Assess and audit your supply chain and managed services’ access to your environment. Prepare an action plan for reputational risk of your data exposure in the unfortunate event of data theft.

Use solutions like Kaspersky Next before attackers reach their final goals. To protect the corporate environment, educate your employees. Dedicated training courses can help, such as the ones provided in the Kaspersky Automated Security Awareness Platform. Use the latest Threat Intelligence information to stay aware of actual TTPs used by threat actors. The Kaspersky Threat Intelligence Portal is a single point of access for Kaspersky’s TI, providing cyberattack data and insights gathered by our team for over 26 years.