Breaking News

Cyberattacks surge across Indian organisations in 2025

by VARINDIA 2025-12-29

Cyber threats against Indian organisations escalated sharply in 2025, driven by cloud misconfigurations, infostealer malware and increasingly advanced ransomware campaigns, according to the State of Cyber Security in India 2025 report released by Check Point Software Technologies. The findings highlight growing risks for both public and private sector entities amid rapid digital adoption.

The report states that India continued to rank among the most targeted countries globally. On average, organisations across sectors faced about 2,011 cyberattacks per week during 2025, a figure significantly higher than the global average. Education institutions emerged as the most affected worldwide, recording between 4,248 and 9,817 attacks weekly. Sectors such as telecommunications, healthcare, financial services and government also witnessed sustained attack volumes, underlining the widespread nature of cyber exposure.

Digital Expansion Increases Vulnerability

The surge in cyber incidents has been closely linked to India’s accelerated digital growth. According to the report, cyber incidents rose from nearly 1.03 million in 2022 to around 2.27 million in 2024, with early trends in 2025 indicating further escalation. Financial losses from cyber fraud reported through the National Cyber Crime Reporting Portal reached approximately ₹36,450 crore by February 2025.

Phishing-driven UPI fraud, AI-enabled social engineering, SIM swap attacks and deepfake-based scams have emerged as major contributors to financial crime. The growing use of digital payments, cloud platforms and connected infrastructure has significantly widened the overall attack surface, making organisations more vulnerable to exploitation.

Cloud Misconfigurations and Malware Drive Attacks

Cloud security gaps were identified as a critical risk area for Indian organisations. The report highlighted several high-impact incidents, including one breach that exposed nearly 500GB of sensitive personal and biometric data due to an unsecured cloud storage environment. Such incidents were attributed to misconfigurations, excessive access privileges and weak identity controls. Despite increased cloud adoption, less than 9 per cent of sensitive cloud data remains encrypted, while many organisations struggle to detect breaches within the first hour.

Infostealer malware activity also rose sharply. Between March and May 2025, more than 44,000 Windows systems in India were compromised by Lumma Stealer, with other malware families such as RisePro, Vidar and RedLine also active. Within enterprise environments, AgentTesla and FormBook infections continued to grow, largely fuelled by phishing campaigns.

Ransomware remained a persistent threat, impacting an estimated 7 to 10 per cent of organisations, particularly in the education sector. Attackers increasingly combined data theft with extortion tactics, using AI-driven reconnaissance and zero-day vulnerabilities to evade detection.

Industry experts stressed the need for intelligence-led, AI-powered security strategies to counter the evolving threat landscape as India’s digital ecosystem continues to expand.