India remained among the world’s most cyber-targeted nations in 2025, with organizations averaging 2,011 attacks per week across industries—significantly above global benchmarks. Check Point Software’s State of Cyber Security in India 2025 report identifies education as the hardest-hit sector globally, facing 4,248 to 9,817 weekly incidents. Cloud misconfigurations, infostealer malware, and advanced ransomware drove the surge amid rapid digital expansion.
Escalating Attack Volumes and Sector Exposure
Cyber incidents climbed from 1.03 million in 2022 to 2.27 million in 2024, with early 2025 trends signaling further growth. Financial fraud losses hit ₹36,450 crore by February 2025 on the National Cyber Crime Reporting Portal, fueled by phishing-led UPI scams, AI social engineering, SIM swaps, and deepfakes. Telecom, healthcare, BFSI, and government sectors endured sustained high volumes.
Education’s vulnerability stems from expanded digital footprints and resource constraints. Less than 9% of sensitive cloud data receives encryption, while few organizations detect or remediate breaches within the first hour, amplifying impacts from misconfigurations and over-permissive access.
Infostealer Malware Dominance
Infostealers proliferated, compromising 44,197 Windows devices with Lumma Stealer between March and May 2025. Families like RisePro, Vidar, StealC, RedLine, AgentTesla, and FormBook featured modular designs for credential theft. AgentTesla infections rose 22% year-on-year via phishing, targeting enterprise environments with browser data, wallets, and session tokens.
Ransomware affected 7-10% of organizations, peaking in education, with attackers emphasizing data exfiltration, zero-days, AI reconnaissance, and living-off-the-land techniques to evade defenses.
Cloud and Ransomware Threat Evolution
Unsecured cloud buckets exposed 500GB of personal and biometric data, including law enforcement records, exemplifying widespread misconfiguration risks. Ransomware tactics shifted to multi-extortion, blending encryption with repeated system strikes.
Sundar Balasubramanian, Check Point India MD, urged securing AI against manipulation while leveraging AI intelligence proactively. Wipro CISO Aathir Ahad highlighted intelligence-driven security and identity-first postures amid geopolitical risks.
Strategic Response for Indian Enterprises
GCCs, BFSI, and manufacturing must prioritize cloud governance, encryption, and rapid detection. Education and public sectors face acute pressures from resource gaps. The report calls for AI-powered defenses matching adversary sophistication, transforming cybersecurity into a resilience enabler for India’s digital economy.
