In an era of rapid digital growth, the India Cyber Threat Report 2025, jointly published by the Data Security Council of India (DSCI) and Seqrite, sheds light on the escalating threat landscape, urging organizations to reassess their cybersecurity strategies.
A Surge in Cyber Threats
India witnessed over 369 million malware detections across 8.44 million endpoints, averaging 702 threats per minute. These staggering numbers indicate that attacks are not only increasing in volume but also becoming more sophisticated. Major cities, such as Surat, Bengaluru, and Hyderabad, are particularly vulnerable, with Tier 2 and Tier 3 cities also experiencing a sharp rise in cyber incidents.
Top Targets: Healthcare, BFSI, and Hospitality
The healthcare sector emerged as the most attacked, accounting for 21.82% of all malware detections. BFSI (17.38%) and hospitality (19.57%) also faced a high volume of threats. These industries store sensitive personal and financial data, making them attractive targets for cybercriminals.
The Cloud is Under Fire
With 62% of all malware detections occurring in cloud environments, cloud platforms have become the new battleground. The report warns that misconfigured cloud settings and insecure APIs are leading causes of breaches. As more businesses move to the cloud, security gaps need immediate attention.
AI: Double-Edged Sword
AI-powered malware is on the rise. Generative AI tools are enabling attackers to craft more sophisticated phishing emails, impersonate individuals, and circumvent traditional security systems. However, the same AI technologies are being used by defenders to enhance behavior-based detection, which has increased from 12.5% to 14.5% in one year, helping to identify threats that evade signature-based systems.
Malware Breakdown: Trojans and Ransomware Dominate
Trojans remain the most detected malware type (43.25%), followed by infectors and worms. Ransomware, although accounting for only 0.3% of total detections, remains highly damaging. Attackers use it to encrypt data and demand a ransom, resulting in significant operational and financial losses.
WhatsApp and APK Scams: A Growing Concern
One alarming trend is the rise of fake APK files sent via WhatsApp, often disguised as messages from government departments or banks. A family of malware called RewardSteal tricks users into accepting offers such as subsidies or KYC updates, then silently steals their financial data and personal information.
Hacktivism and Geopolitical Threats
Geopolitical tensions, such as the Russia-Ukraine war, have contributed to an increase in state-sponsored attacks. Groups like Anon Black Flag Indonesian and The Anonymous Bangladesh were responsible for thousands of hacktivist attacks targeting Indian infrastructure and institutions.
Recommendations for a Safer Digital Future
The report recommends investing in behavioral detection tools, AI-based security platforms, and robust cloud protection strategies. Regular updates, employee training, and industry collaboration are essential. It also emphasizes that cybersecurity is not just an IT issue—it’s a boardroom priority impacting business continuity and reputation.
Conclusion
As India’s digital economy grows, so does its attack surface. The report calls for a unified, adaptive, and proactive approach to cybersecurity, one that’s grounded in technology, awareness, and continuous improvement.