The latest report ‘India Cyber Threat Report-2025’ released by the Data Security Council of India (DSCI) and Secright predicts that cyber attacks using artificial intelligence-enabled malware will increase in the coming year.
–Galla S Kiran Kumar, Bureau ChiefAI-based attacks likely in 2025,
fake apps targeting beneficiaries of government schemes,
potential for biometric data theft,
reveals Indian Cyber Threat Report-2025
The latest report ‘India Cyber Threat Report-2025’ released by Data Security Council of India (DSCI) and Secright predicts that cyber attacks using artificial intelligence-enabled malware will increase in the coming year. It also says that there is a potential for controlling them with the same knowledge. It found that 11 cyber attacks were carried out every second across the country in the past year.
The report said that the impact of these attacks is high on sectors like healthcare , hospitality, and finance. It said that in the coming days, attacks will be carried out through AI-based malware and intrusion into personal lives. It is expected that biometric data theft will increase further. It said that there is a possibility of fraud through fake apps and fake applications targeting beneficiaries of government schemes. Crimes that loot huge amounts of money by deceiving investors will increase further. The report indicated that there is a need to improve technology to effectively repel cyber attacks.
DSCI and SecWright have prepared a report on cyber attacks in the country during the year from October 2023 to September this year. It was found that 36.9 crore malware attacks were carried out on 84 lakh endpoints (the center where the crime was detected) across the country. Based on this, it was concluded that an average of 702 cyber attacks were carried out in India per minute. That is, 11 attacks were carried out every second. Healthcare (21.82%), hospitality (19.57%), banking, financial services and insurance- BFSI (17.38%), education (15.64%), MSME (7.52%), manufacturing (6.88%), government organizations (6.1%), and IT/ITES (5.09%) sectors were attacked. On average, malware is behind every 40,436 scams, and ransomware is behind every 595 scams, according to security systems.
5,842 hacktivist attacks in a year
Cybercriminals who form teams and engage in hacking are referred to as ‘hacktivist groups’. These groups carried out 5,842 attacks in the year, targeting industries, government institutions and individuals in the country. The report revealed that this threat is increasingly coming from across the country’s borders.
10 ransomware groups identified
Hacktivists threaten to steal or block online data belonging to government and private sector organizations as well as individuals. They demand large sums of money in exchange for the return of the blocked data. This is considered ransomware. 10 major ransomware groups have been identified.
- Rice
- RansomHub
- Lockbit 3.0
- Play
- Blockbuster
- 8base
- Play
- Akira
- Mauve
- Royal
The most abused file sharing platform is Live.
Many organizations store their data in the cloud. There are many platforms that allow their users to share it with any number of people at the same time. Many such cloud-based file sharing platforms have been targeted by cybercriminals.
- Google Drive
- Dropbox
- OneDrive
- GitHub
- Microsoft Teams
- We Transfer
- Box
- Amazon S3 buckets
- IBM Cloud
- Oracle Cloud
- Telangana recorded the highest number of attacks nationwide at 15.03%.
Telangana has shown its ability to detect cyber attacks across the country. It has identified 15.03 percent of the malware sent by criminals, ranking first in the country. This is due to the fact that Hyderabad has the fastest growing IT industry and has established strong cybersecurity frameworks. Tamil Nadu, Delhi, Gujarat and Rajasthan are in the next positions.
In the coming days, there is a possibility of crimes like AI-based malware, deepfake exploits, data theft, and ransomware. Cybercrimes will also increase with the expansion of 5G networks. Strong cybersecurity systems should be established for digital security. Organizations should provide necessary training to their employees. Cyber hygiene such as data security, malware protection, secure configuration, data backup and recovery, privacy control, etc. should be prioritized. AI-based defense systems should be strengthened especially to repel hacker attacks.
