Highlighting the continued rise in cyberattacks across Indian organizations, the Check Point State of Cyber Security in India 2025 report reveals that attackers are increasingly exploiting cloud misconfigurations, infostealer malware, and sophisticated ransomware techniques to target high value sectors.
Check Point Software Technologies Ltd., a leading AI powered, cloud delivered cyber security platform provider, released its State of Cyber Security in India 2025 report, highlighting the continued rise in cyberattacks across Indian organizations. The report reveals that attackers are increasingly exploiting cloud misconfigurations, infostealer malware, and sophisticated ransomware techniques to target high value sectors.
According to the report, India remained one of the most heavily targeted countries globally. Across all industries, Indian organizations faced an average of 2,011 cyberattacks per week in 2025, significantly higher than global averages. The education sector emerged as the most targeted vertical worldwide, with institutions experiencing between 4,248 and 9,817 attacks per week, far exceeding other industries. Telecommunications, healthcare, financial services, and government bodies also faced sustained and elevated attack volumes, underscoring India’s heightened exposure across both public and private sectors.
“India’s digital momentum is unstoppable, but so are the adversaries exploiting its speed. As we embrace AI driven innovation, our security strategies must evolve faster than the threats. This means two critical priorities securing AI systems against adversarial manipulation and leveraging AI powered intelligence to predict and prevent attacks.”
– Sundar Balasubramanian, Managing Director, Check Point Software Technologies, India and South Asia
India’s cyber security challenges reflect a sharp escalation driven by local digital adoption trends and measurable threat activity captured in the report. Cyber incidents rose from approximately 1.03 million in 2022 to 2.27 million in 2024, with early 2025 indicators pointing to continued growth. Financial cyber fraud losses reported on the National Cyber Crime Reporting Portal reached ₹36,450 crore as of February 2025, largely driven by phishing led UPI fraud, AI assisted social engineering, SIM swap attacks, and deepfake enabled scams. These figures underline how rapidly expanding digital payments, cloud usage, and connected infrastructure are widening India’s attack surface.
Cloud security misconfigurations emerged as a critical India specific risk. The report highlights multiple serious incidents, including a breach that exposed 500GB of personal and biometric data including records of law enforcement and military personnel due to an unsecured cloud storage bucket. Such incidents mirror a broader pattern observed across Indian organizations, where misconfigurations, over permissive access controls, and unmanaged identities continue to be leading breach drivers. Despite the rise in cloud incidents, less than 9 percent of sensitive cloud data is encrypted, and only a small fraction of organizations are able to detect or remediate breaches within the first hour, significantly amplifying potential impact.
“As coordinated attacks and geopolitical undercurrents intensify, India’s IT services industry faces a new risk paradigm. Long term strength lies in intelligence driven security, identity first posture, and protection engineered into every layer of global digital operations.”
– Aathir Ahad, Chief Information Security Officer, Wipro
The report also highlights the rise of infostealer malware in India. Between March and May 2025, 44,197 Windows devices were compromised by Lumma Stealer. Other major families included RisePro, Vidar, StealC, and RedLine, which introduced modular architectures and advanced credential theft. In enterprise environments, AgentTesla and FormBook remained dominant, with AgentTesla infections rising 22 percent year over year, primarily through targeted phishing campaigns.
Ransomware continued at elevated levels, impacting between 7 and 10 percent of organizations nationally, with spikes in the education sector. Attackers increasingly focus on data exfiltration and extortion, using zero-day vulnerabilities, AI powered reconnaissance, and legitimate system tools to evade detection and maximize disruption.
Sundar Balasubramanian, Managing Director, Check Point Software Technologies, India and South Asia, said,“India’s digital momentum is unstoppable, but so are the adversaries exploiting its speed. As we embrace AI driven innovation, our security strategies must evolve faster than the threats. This means two critical priorities securing AI systems against adversarial manipulation and leveraging AI powered intelligence to predict and prevent attacks. By combining these approaches, we can transform cyber security from a reactive shield into a proactive enabler of trust, resilience, and growth for India’s digital economy.”
Aathir Ahad, Chief Information Security Officer, Wipro, added,“As coordinated attacks and geopolitical undercurrents intensify, India’s IT services industry faces a new risk paradigm. Long term strength lies in intelligence driven security, identity first posture, and protection engineered into every layer of global digital operations.”
