India's Digital Siege

Navigating the 2025 cyber threat landscape where accelerated digitalization meets sophisticated global threats.

#2

Most Targeted Nation for Data Theft Globally

₹1.2L Cr

Projected Cyber Fraud Loss in 2025

1.5M

Cybersecurity Skills Shortage by 2025

The New Digital Battlefield

India is a central theater for global cyber adversaries. Click each stat to drill down into the details.

In 2024, India became the second most attacked nation for data theft with 95 entities compromised, trailing only the United States (140 attacks). This places India significantly ahead of other nations like Israel (57 attacks).

India contributes 6.9% of all global email threats. Within Asia, its role is even more pronounced, accounting for 23.92% of all email-based threats, making it a primary target for phishing and malware distribution.

Responsible for 4.74% of all threats identified worldwide, with 19.3 million detections from a single telemetry source. The majority of malware are Trojans (43.38%) and Infectors (34.23%), indicating targeted campaigns.

India surpassed the US and Canada with a 28% share of all mobile malware attacks detected between June 2023 and May 2024. The Android platform is particularly vulnerable due to its open nature and large market share.

Anatomy of the Attack

Attackers use double/triple extortion: first exfiltrating data, then encrypting systems, and finally threatening to leak the data or attack the victim's customers. This is fueled by Ransomware-as-a-Service (RaaS) groups like LockBit.

A key tactic is "Living off the Land" (LOLBAS), where legitimate tools like PowerShell and even Windows BitLocker are used to conduct attacks, bypassing traditional signature-based security.

Generative AI and deepfake technology are used to create hyper-realistic fake video and audio to impersonate CEOs or officials. Novel schemes like "Digital Arrest" scams, where fraudsters impersonate law enforcement, have led to losses exceeding ₹2,000 crore.

State-linked groups from China and Pakistan systematically target Indian critical infrastructure. Simultaneously, 2024 saw over 4,000 hacktivist incidents, with groups like KillSec (previously hacktivist) now launching their own RaaS platforms, blurring the lines between ideology and cybercrime.

Sectoral Vulnerabilities

  • Angel One: Data breach exposed 8 million customer records.
  • WazirX: $230 million stolen from the cryptocurrency exchange.
  • Motilal Oswal: Ransomware attack caused significant disruption to business operations.
  • Signzy: Breach at this ID verification startup affected its 600+ financial institution clients.

Healthcare is the most targeted vertical (21.82% of attacks) due to high-value patient data and often outdated IT infrastructure.

Star Health Insurance Breach: A massive incident compromising 31 million customer records, with 7.24 TB of data including medical records and PAN details sold on the dark web.

  • BSNL: Suffered its second major data breach in a year, leaking 278GB of user data.
  • Hathway: Breach compromised 41.5 million customers, including Aadhaar details.
  • Polycab India: Ransomware attack disrupted IT and Operational Technology (OT) infrastructure.

Strategic Imperatives for 2025

  1. Embrace Zero Trust Architecture: Shift from perimeter defense to a "never trust, always verify" model to contain breaches and prevent lateral movement.
  2. Strengthen the Human Firewall: Invest in continuous, behavior-focused training against deepfakes and advanced social engineering.
  3. Secure the Supply Chain: Implement rigorous vendor risk management to protect against third-party vulnerabilities.
  1. Bridge the 1.5M Skills Gap: Launch a national mission for cybersecurity capacity building through public-private partnerships.
  2. Foster Collaborative Info Sharing: Move beyond one-way mandatory reporting to a trusted, bidirectional flow of threat intelligence for collective defense.
  3. Advance Cyber Diplomacy: Strengthen international cooperation to track and prosecute global cybercrime syndicates.