India has become the top global target for hacktivist campaigns and the leading regional focus of advanced persistent threat (APT) groups, according to a new report by cybersecurity firm Group-IB. The report highlights how India’s growing economy and global influence have made it a magnet for politically driven cyberattacks.
In 2024, India accounted for 12.8% of all hacktivist attacks worldwide—the highest share of any country. Regionally, India faced 49.3% of all Asia-Pacific cyberattacks, underscoring the scale of the threat. State-sponsored actors also set their sights on India, with the country absorbing more than 10% of APT attacks in the region—the largest share across Asia-Pacific nations.
“Throughout 2024, politically motivated cyber actors launched DDoS attacks, website defacements, and large-scale data leaks against entities linked to geopolitical adversaries,” said Dmitry Volkov, CEO of Group-IB. “India became a prime target as its diplomatic positions in international conflicts triggered retaliation from multiple hacktivist groups.”
As cyber threats intensify, India has also seen a sharp rise in cyber fraud. According to India’s National Cyber Reporting Platform (NCRP), fraud incidents jumped 51% last year. Alarmingly, nearly half of these attacks originated from three neighboring countries.
Application-based attacks also grew 20% year-over-year, with certain threats climbing even faster, data from application security firm Indusface showed. Vulnerability exploits nearly doubled, while malicious bot attacks surged 48%—posing significant risks to critical sectors like finance and utilities.
“The rise in bad bot activity is concerning because these attacks often evade defenses until behavioral models detect the malicious patterns,” warned Venkatesh Sundar, founder of Indusface’s Americas division.
Despite limited infiltration methods, Sundar emphasized that strong cybersecurity basics still work. “Securing digital assets is like protecting a house—you need multiple locks. If one fails, another still keeps you safe,” he added.
Group-IB’s report predicts that cyberattacks—whether motivated by profit, espionage, or activism—will escalate in 2025. State-sponsored campaigns are expected to increasingly target critical infrastructure, government systems, and private businesses.
China, one of India’s regional rivals, has already begun insulating itself through homegrown technologies. As tensions grow, more countries may follow China’s lead, isolating their digital infrastructure to reduce foreign interference.
“In this climate, nations or allied groups might de-globalize their digital systems, creating isolated networks with strict regulations and customized security protocols,” the report noted. However, this patchwork approach could complicate international relations and present new challenges for global businesses.
Ongoing global conflicts, such as the wars in Ukraine and Gaza, have intensified hacktivism. Groups worldwide, and within India, increasingly launch cyberattacks against countries they view as politically opposed.
“India faces mounting hacktivist attacks partly due to regional tensions and its growing alliance with Israel,” the report stated. Pro-Palestinian hacktivist groups, in particular, have targeted India for its diplomatic support of Israel.
This trend reflects a broader shift where cyberwarfare increasingly mirrors geopolitical allegiances on the global stage.
In response to these threats, Indian industries and government agencies are strengthening cybersecurity protocols. Sectors like banking, stock exchanges, insurance, and payment systems now release updated cybersecurity guidelines almost every quarter.
“New guidelines keep rolling out, supplementing the existing accreditations these firms already follow,” Sundar noted.
He recommended that companies map their external attack surfaces to reduce legacy applications and vulnerable APIs. Regular vulnerability scans and integrating security checks into automated development pipelines are also essential. When patching isn’t immediately possible, virtual patching offers a temporary safeguard.
Finally, Sundar urged organizations to continuously monitor network-facing devices and leverage AI-driven tools to detect and block threats proactively.
“Staying ahead of these evolving cyberattacks requires layered defense strategies and real-time monitoring,” Sundar said.
As India’s digital footprint expands, defending against this rising wave of cyber threats will be critical to protecting the country’s economic ambitions and national security.
