India continues to see a surge in cybercrime affecting each residents and companies, with cyber fraud in opposition to residents leaping 51% over the previous 12 months and cyberattackers focusing on companies in volumes considerably larger than international averages.
Total, Indian residents filed greater than 1.7 million cybercrime complaints in 2024, up from 1.1 million complaints in 2023, in response to the newest information from India’s Nationwide Cyber Reporting Platform (NCRP) launched in early February. Whereas a lot of these cyber scams got here from home sources, about 45% of the cyberattacks got here from cybercriminal havens in Cambodia, Myanmar, and Laos, in response to the report.
The issue underscores the darkish aspect of accelerating entry to on-line providers. Whereas the nation is digitizing a lot of its authorities providers — giving residents simpler entry — crime has adopted on-line, President Droupadi Murmu stated throughout a speech to Parliament on Jan. 31.
“[I]n an more and more digital society, cybersecurity has turn out to be an important subject of nationwide significance,” Murmu stated. “Digital fraud, cybercrime, and rising applied sciences like deepfakes pose challenges to our social, financial, and nationwide safety.”
India’s residents will not be the one targets of cybercriminals — enterprise websites more and more face on-line assaults. Cyber-risks and digital/expertise dangers are probably the most urgent issues for firms in India, with companies within the area prioritizing these points greater than their international counterparts, in response to PricewaterhouseCoopers’ “2025 World Digital Belief Insights — India Version.”
Supply: PricewaterhouseCoopers, “2025 World Digital Belief Insights — India Version”
“Over the subsequent 12 months, Indian organizations are prioritizing the mitigation of three key dangers: cyberthreats, digital vulnerabilities and inflation,” PwC India said within the report. “This focus highlights the crucial want for sturdy cybersecurity, dependable technological infrastructure, and techniques to counter rising prices and guarantee resilience and sustained progress.”
Companies See Totally different Menace Profile
In contrast with different areas of the world, India is seeing a higher quantity of assaults. The common web site in India sees about 6.9 million undesirable requests — sometimes called “assaults” by distributors — yearly, with 26% extra assaults per web site in contrast with the worldwide common, in response to Indusface. Denial-of-service assaults are additionally extra widespread in opposition to Indian targets, in contrast with the worldwide common, says Venky Sundar, founder and president for the Americas at Indusface.
The risk actors have gone mobile-first, with API servers for cellular functions focused with 43% extra requests per host in contrast with web sites, he says.
There’s “a shift in assault methods in the direction of disrupting cellular and linked providers,” Sundar says. “Cybercrime is more and more focusing on external-facing APIs related to cellular apps moderately than simply conventional net platforms.”
The assaults are cut up pretty evenly between home sources and international ones, he provides. Total, about half of the malicious visitors focusing on firm websites and API servers are home, with a lot of the remainder coming from 4 international locations: US, France, UK, and Singapore.
The federal government is at the moment taking steps to make life tougher for attackers. The Reserve Financial institution of India (RBI), for instance, has created unique Web domains for banks (financial institution.in) and for non-bank monetary establishments (fin.in), which will probably be run by the Institute for Growth and Analysis in Banking Know-how (IDRBT). India additionally handed its first privateness and data-protection legislation in 2023, and drafted implementation guidelines final month, which collectively outline the rights of Indian residents and necessities for firms dealing with information.
India and the US additionally not too long ago signed a memorandum of understanding (MoU) that permits the 2 international locations to cooperate on intelligence gathering, the change of knowledge on cybercrime instances, and collaborative coaching. India has additionally fought to rescue and repatriate its residents from compelled labor camps for legal syndicates in Cambodia, Myanmar, and Laos, the place they’re compelled to conduct a wide range of on-line scams.
But the nation nonetheless faces a scarcity of cybersecurity professionals. In September, the federal government introduced an effort to prepare 5,000 “cyber commandos” over the subsequent 5 years, to assist nationwide and state governments with cyber investigations.
Coaching residents in cybersecurity can have extra advantages, President Murmu stated in her remarks to Parliament.
“My authorities has taken quite a few measures to manage these cyber threats, creating alternatives for employment within the subject of cybersecurity for the youth [and] is constantly working to make sure competence in cybersecurity,” she stated, noting that the nation has reached Tier 1 standing within the Worldwide Telecommunication Union’s World Cybersecurity Index.
