India is now the most targeted country for cyberattacks globally, surpassing Brazil and Spain, based on data from Swiss cybersecurity firm Acronis. The Cyberthreats Report for the first half of 2025 documents a significant increase in malware, phishing, and ransomware incidents. Experts report that artificial intelligence is altering the methodologies of cybercriminals.
The data show that in May, 12.4% of Windows devices in India were hit by malware detections, climbing further to 13.2% in June. No other country recorded a higher rate in the same period, underlining just how exposed India’s digital systems have become. Acronis based its research on intelligence from more than a million devices across the world.
Malware constitutes only one aspect of the broader cyber threat landscape. Business email compromise, one of the most common attack techniques, has also grown sharply. From early 2024 to mid-2025, these incidents rose from 20% to 25.6%, driven by criminals using AI tools to create convincing emails, invoices, and impersonations that trick users into giving up passwords, payment details, or corporate access.
Specialists warn that AI is transforming cybercrime by giving low-skilled actors access to tools once reserved for advanced groups. Criminals are now using AI to generate convincing phishing emails, create deepfake identities, and automate large-scale social engineering attacks. Emerging tactics, such as payload-free messages and stealthy credential theft, are becoming harder to detect, while collaboration apps have become frequent entry points. Analysts refer to this as the democratization of cybercrime, enabling even unskilled operators to launch damaging attacks, a trend that adds to the pressure on Indian firms already targeted by ransomware gangs.
The most frequently targeted sectors include manufacturing, IT services, and telecom. Ransomware gangs such as Cl0p, Akira, and Qilin are reported to be highly active against Indian firms, often exploiting remote management tools or weak collaboration platforms. Phishing on services like Microsoft Teams and Slack jumped from just under 10 % to over 30 % in the first half of 2025, while advanced email threats also saw an abrupt rise.
Researchers observe that India’s rapid digital expansion, the adoption of hybrid work models, and the widespread use of public networks have increased organizational vulnerability. The report emphasizes that preventive measures alone are insufficient to address the evolving threat landscape. Organizations are therefore encouraged to implement behavior-based security systems, enhance endpoint monitoring, and develop robust recovery protocols in the event of security breaches.
India’s status as the primary target for global malware incidents constitutes a significant warning for stakeholders. As cyber attackers increasingly utilize artificial intelligence, Indian businesses and institutions must implement more sophisticated, adaptive, and resilient cybersecurity strategies.
Caught feelings for cybersecurity? It’s okay, it happens. Follow us on LinkedIn and Instagram to keep the spark alive.
