Singapore’s cybersecurity conversation tends to orbit cloud breaches, phishing links and ransomware gangs. But new figures suggest an older, less glamorous attack route is quietly regaining ground: malware that rides in on USB drives and other removable media.
Kaspersky said it detected and blocked 3,888,967 on-device threats on computers in Singapore in 2025, a 16.2 per cent jump from 2024. The company’s telemetry shows that worms and file viruses accounted for most of the detections: the kind of malware designed to spread quickly from one machine to the next, often without requiring a user to click on anything.
Also Read: Singapore’s cybersecurity paradox: Why we must act now
That matters because “on-device” attacks don’t depend on someone being tricked into opening a dodgy link. Once an infected removable device is plugged in, malicious code can run automatically if the system is misconfigured, unpatched, or simply caught by a strain that security tools fail to stop. In workplaces where files still move around via thumb drives — from small businesses to highly controlled environments that restrict internet access — that’s a straightforward way to bypass perimeter defences.
The numbers also challenge an assumption common in hyper-connected markets like Singapore: that offline malware is fading away in a cloud-first world. Instead, the data points to a persistent and growing exposure surface that is easy to overlook precisely because it feels old-school.
Kaspersky’s Adrian Hia, Managing Director for Asia Pacific, argues that everyday habits are part of the problem, particularly the default trust people place in removable media. “Most users rarely second-guess plugging in an external device despite the fact that such on-device infections remain a very real threat,” Hia said.
Also Read: The AI arms race in cybersecurity: Is your startup ready?
The risk isn’t just nuisance infections. A compromised endpoint can become a staging ground for deeper intrusion, especially if it stores sensitive documents, cached credentials or access tokens. In an enterprise setting, a single infected machine can be enough to seed malware across shared drives, spread laterally within networks, or quietly exfiltrate data.
For startups and SMEs, a major slice of Southeast Asia’s digital economy, the damage can land fast: disrupted operations, incident response bills, and the reputational hit that follows any disclosure.
There is, however, a key caveat: these figures reflect what Kaspersky customers’ devices in Singapore detected and blocked, not a full census of the country’s computers. Vendor telemetry is useful for trendlines, but it is not a neutral, universal measurement — changes in customer base, detection engines, or reporting can influence year-on-year shifts. Even so, nearly 3.9 million blocked threats is a reminder that endpoint security is still doing heavy lifting, and that removable media remains an active delivery channel.
So what should organisations take away from this?
First, treat USB-borne malware as a current threat, not a museum exhibit. “Air-gapped” or restricted networks are not automatically safer if people regularly shuttle files between machines.
Second, basic hygiene still pays: keep systems patched, restrict autorun behaviours, and lock down administrative privileges so a single infection cannot rewrite the whole machine.
Third, have a recovery plan that works under pressure — particularly offline or isolated backups that cannot be tampered with by an infected endpoint.
For individuals, the guidance is even simpler: be sceptical about unknown drives, avoid installing software from untrusted sources, and update devices promptly. The most sophisticated security strategy can still be undone by a single “found” USB plugged in out of curiosity.
Also Read: Hackers using AI to mask identity behind cyber attacks, researchers say
Singapore’s digital economy is moving fast, but the tools people use to move data around often lag behind. The latest spike in on-device detections suggests attackers have noticed — and they’re happy to win the old-fashioned way.
The post Singapore’s malware spike reveals an overlooked cyber risk: USB drives appeared first on e27.