State-Sponsored Hackers Set Sights on India's Critical Sectors in 2025 Beyond regional threats, India has also been caught in the crossfire of geopolitical cyber conflicts. Throughout 2024, pro-Palestinian hacktivist groups, including Golden Falcon, RipperSec, and the Moroccan Dragons, launched cyberattacks against Indian enterprises, driven by India's strengthening ties with Israel

India has emerged as the most targeted country in South Asia for cyberattacks, particularly from state-sponsored groups in neighboring countries. According to Cyber Security Intelligence's Cyber Threat Forecast 2025 - Part Two - India, this trend is expected to escalate further in 2025, affecting not only Indian businesses and government agencies but also Western enterprises operating in India.

China-sponsored cyber groups

At the heart of India's cybersecurity challenges lies its long-standing territorial dispute with China. The 3,440 km-long undemarcated border between the two nations has been a flashpoint for military tensions, with clashes as recent as December 2022 in Arunachal Pradesh. While diplomatic talks continue, both countries have strengthened their military presence along the border.

As tensions persist, cyber espionage has become a key battleground. "To coincide with these hostilities, there is a realistic possibility that Chinese state actors will conduct espionage across the region to leverage India's trade deficit and gain the upper hand in the unresolved 2020 India-China border dispute," the report states.

Pakistan-based cyber groups level up their attacks

India and Pakistan experienced a series of armed clashes along the Line of Control in the disputed region of Kashmir from 2020 to 2021. While relative peace has prevailed along the India-Pakistan border following the 2021 ceasefire agreement, tensions remain due to Pakistan's continued terrorist activities in the region, its historical support of anti-India militias, and ongoing territorial disputes over Jammu and Kashmir.

This animosity is expected to fuel an increase in cyber threats in 2025. According to the report, Pakistani state-sponsored cyber groups such as Mythic Leopard and Cosmic Leopard are evolving their cyber warfare tactics. These groups are expected to intensify their attacks on India's government, defense, and aerospace sectors using cross-platform malware coded in Python, Golang, and Rust. With enhanced technical capabilities, their cyber intrusions could pose severe security and economic risks.

India caught in the crossfire of global cyber conflicts

Beyond regional threats, India has also been caught in the crossfire of geopolitical cyber conflicts. Throughout 2024, pro-Palestinian hacktivist groups, including Golden Falcon, RipperSec, and the Moroccan Dragons, launched cyberattacks against Indian enterprises, driven by India's strengthening ties with Israel.

These cyberattacks typically involve distributed denial-of-service (DDoS) attacks to disrupt websites, web defacement to spread propaganda, and data breaches to leak sensitive corporate or governmental information.

This trend is expected to continue in 2025, with industries such as education, government, technology, healthcare, and finance being the primary targets. The motivation behind these cyberattacks is not only to retaliate against India's relationship with Israel but also to express solidarity with Kashmiris, who have historically supported the Palestinian cause.

India is not taking these threats lightly. Recognizing the escalating cyber risks, both the Indian government and the private sector are ramping up cybersecurity investments. India's cybersecurity market is projected to grow from USD 5.56 billion in 2025 to USD 12.90 billion by 2030, at a compound annual growth rate (CAGR) of 18.33 per cent, according to Mordor Intelligence.