India: Asia's Most Cyberattacked Nation
India faces a cybersecurity crisis of growing proportions. According to CloudSEK's Annual Threat Intelligence Report 2025, India experienced the highest number of cyberattacks in the Asia-Pacific region for the third consecutive year, accounting for 13.7% of all global cyberattacks — second only to the United States. The Indian Computer Emergency Response Team (CERT-In) reported 14.37 lakh (1.437 million) cybersecurity incidents in 2025 — a 113% increase over 2024.
The economic cost is staggering. IBM's Cost of a Data Breach Report 2025 estimated the average cost of a data breach for Indian organisations at $2.18 million (₹18.2 crore) — an 18% increase year-over-year — while ransomware attacks cost Indian businesses a combined ₹8,500 crore in 2025 through ransom payments, recovery costs, and business disruption.
Major Cybersecurity Incidents Shaking India
Healthcare Under Attack
India's healthcare sector has become a prime target. AIIMS Delhi suffered a catastrophic ransomware attack in November 2022 that disabled its hospital information systems for nearly a month — affecting patient care for millions. Investigations traced the attack to Chinese state-sponsored actors. The incident exposed the vulnerability of critical healthcare infrastructure and prompted emergency cybersecurity funding for government hospitals.
In 2025, the attack pattern intensified. Star Health Insurance — India's largest standalone health insurer — suffered a massive data breach in September 2025 that exposed personal health data of approximately 3.1 crore customers, including medical reports, policy details, and identity documents. The stolen data was reportedly sold on Telegram channels at ₹300 per record. Star Health filed an FIR, and the investigation implicated a former senior employee as a potential insider threat.
Financial Sector: UPI Fraud and Bank Breaches
With India processing over 17 billion UPI transactions monthly, the financial attack surface is enormous. The National Payments Corporation of India (NPCI) reported UPI fraud cases totalling ₹2,145 crore in FY2025-26 H1 — though it emphasised this represents just 0.002% of total transaction value. More concerning are sophisticated attacks on banking infrastructure: a coordinated attack on a mid-sized cooperative bank in Maharashtra in August 2025 resulted in ₹415 crore in unauthorised transfers before being contained.
State-Sponsored Threats
India's intelligence agencies and cybersecurity firms have identified sophisticated state-sponsored threat actors as a persistent threat. China's APT41 and APT10 groups have been linked to attacks on Indian telecom infrastructure, defence contractors, and pharmaceutical companies. Pakistan-linked LazarusBD has targeted Indian government websites with defacement campaigns. India's National Cyber Security Coordinator has stated that "the sophistication and frequency of state-sponsored cyberattacks against Indian infrastructure has more than doubled since 2022."
Government's Cybersecurity Response
CERT-In's New Directives
India's cybersecurity regulator CERT-In issued landmark directives in 2022 requiring all organisations to report cybersecurity incidents within 6 hours — one of the strictest reporting timelines globally. While these directives faced initial criticism from industry for the administrative burden, they have dramatically improved incident visibility and CERT-In's ability to coordinate responses to major attacks.
The Digital India Act and Data Protection Framework
India's Digital Personal Data Protection Act 2023 (DPDPA) established comprehensive data protection obligations for Indian organisations for the first time. Companies collecting personal data must implement "reasonable security safeguards" — a standard CERT-In has begun elaborating through technical guidance notes. Non-compliance penalties can reach ₹250 crore — creating real financial incentives for cybersecurity investment.
National Cybersecurity Reference Framework
India's National Cybersecurity Strategy 2026, released by the National Security Council Secretariat, outlines a framework for protecting critical information infrastructure across 10 sectors: power, banking, telecom, transport, healthcare, space, defence, petroleum, water, and e-governance. The strategy mandates a dedicated Chief Information Security Officer (CISO) for all organisations in these sectors employing more than 1,000 people.
The Cybersecurity Skills Gap
India faces a severe cybersecurity talent shortage. TeamLease Digital estimates India needs approximately 10 lakh cybersecurity professionals by 2027 but currently has just 2.1 lakh — a gap of approximately 7.9 lakh professionals. This shortage drives up salaries (senior cybersecurity professionals command ₹25-60 lakh annually, with specialists in areas like cloud security, OT security, and threat intelligence earning significantly more) and leaves many organisations inadequately defended.
Several initiatives aim to address this gap. IIT Kanpur has launched an iMTech in Cybersecurity programme. NASSCOM's Future Skills Prime platform offers government-subsidised cybersecurity certifications. CERT-In runs free training programmes for government IT personnel. However, closing a 7.9-lakh-person gap through education alone will take years.
How Indian Businesses Can Protect Themselves
For Indian organisations navigating the threat landscape, cybersecurity experts recommend a layered defence strategy:
- Zero Trust Architecture: Never trust, always verify — all users, even insiders, must be authenticated for every access request
- Multi-Factor Authentication (MFA): Mandatory for all administrative and remote access — MFA blocks over 99% of account compromise attacks according to Microsoft
- Regular Patching: Over 60% of successful breaches exploit known vulnerabilities with available patches — timely patching is the single highest-ROI security measure
- Employee Training: Phishing remains the #1 entry point — regular phishing simulation training reduces click rates by 70%+
- Incident Response Planning: Organisations with tested incident response plans contain breaches 54 days faster and save an average of ₹2 crore in breach costs
- CERT-In Compliance: Ensure 6-hour incident reporting capability and a designated single point of contact (SPOC) with CERT-In to avoid regulatory penalties
In an era where India's digital economy transacts trillions of rupees online and stores the health, financial, and identity data of over a billion citizens, cybersecurity is no longer an IT department concern — it is a fundamental business and national security imperative.