Cybersecurity has become one of India’s most important worries, as the country faces a rapid escalation in cyberattacks on critical industries such as finance, healthcare, telecommunications, and government organisations. With rising digital penetration, India has become more exposed to cyber assaults, making it critical to bolster its defence measures. According to recent reports, India is the second most targeted nation for cyberattacks after the United States, emphasising the critical need for a strong cybersecurity policy.
The surge in cyberattacks has resulted in massive data breaches, ransomware instances, and financial losses. High-profile breaches, such as the disclosure of 850 million records from Hi-Tek Group, client data from Star Health and Allied Insurance, and 2 gigabytes of sensitive information from Telecommunications Consultants India, have generated severe concerns about data protection and security architecture. As cybercriminals deploy more advanced strategies such as artificial intelligence (AI) and machine learning (ML), India faces an unprecedented challenge in protecting its digital ecosystem.
This article examines the factors contributing to India’s increasing vulnerability to cyber threats, major cybersecurity incidents in 2024, regulatory responses, and the steps necessary to enhance the country’s cybersecurity resilience.
Several key factors have contributed to the surge in cyberattacks against Indian organizations and institutions. India’s digital transformation has accelerated in recent years, with greater acceptance of digital payments, cloud computing, and smart city projects. While these developments have boosted convenience and efficiency, they have also increased the attack surface for cybercriminals. Organisations frequently fail to keep up with evolving threats, resulting in security vulnerabilities that attackers exploit.
Despite the growing digital economy, many organizations in India, especially small and medium enterprises (SMEs), lack adequate cybersecurity measures. The financial sector, government agencies, and healthcare institutions, which store vast amounts of sensitive personal and financial data, remain attractive targets for hackers due to outdated security systems and inadequate investment in cybersecurity.
Geopolitical tensions, particularly in South Asia, have resulted in an increase in cyber espionage and government-sponsored attacks. India has experienced cyber challenges from adversaries, including state-sponsored hacker groups aiming to breach government networks, key infrastructure, and defence systems. Such attacks are frequently sophisticated and difficult to detect, necessitating modern threat intelligence systems. The use of ransomware has skyrocketed, with cybercriminals deploying AI-driven attacks to evade detection and exploit vulnerabilities. In 2024 alone, India witnessed over 108 known ransomware incidents,
with the ‘Lockbit’ group being particularly active. These attacks have caused significant disruptions to businesses and government services, resulting in financial losses and reputational damage.
Cybersecurity breaches are not always the result of external attacks. Insider threats whether intentional or accidental pose a serious risk to organizations. Employees with access to sensitive data may fall victim to phishing schemes or unknowingly compromise security protocols, leading to data leaks and unauthorized access.
Several high-profile cyber incidents have occurred in India this year, exposing vulnerabilities across multiple sectors.
One of the most alarming breaches involved Star Health, India’s largest health insurer. Hackers used Telegram chatbots to leak customer data, including sensitive personal and medical records. This incident highlighted the increasing use of automation and AI-driven techniques in cybercrime, making it even more challenging for companies to secure their data.
In another significant breach, cybercriminals stole over 2 terabytes of data from Telecommunications Consultants India, a government-owned engineering and consultancy firm. This attack raised concerns about the security of India’s critical telecommunications infrastructure.
A global IT outage happened in July 2024 as a result of a flawed upgrade from the cybersecurity company CrowdStrike. Globally, this disruption impacted large organisations, financial institutions, and airlines. The event brought to light
Ransomware assaults have increased in India, where hackers demand astronomical sums in return for unlocking encrypted data. With many organisations finding it difficult to recover from the operational and financial effects of such assaults, the healthcare, financial, and educational sectors have been the most severely impacted.
Recognizing the severity of the cybersecurity crisis, the Indian government has introduced several measures to strengthen data protection and cyber resilience. The government has
proposed new Digital Personal Data Protection (DPDP) Rules, which aim to empower citizens with greater control over their data. Key provisions include:
Mandatory encryption and access control measures for organizations handling personal data. Heavy penalties of up to ₹250 crore for data breaches and non-compliance. Strict guidelines for data storage, retention, and sharing.
These regulations are expected to significantly improve data security and ensure organizations take responsibility for safeguarding user information.
The Indian Computer Emergency Response Team (CERT-In) has been actively monitoring cyber threats and issuing advisories to mitigate risks. Additionally, the government has launched initiatives to enhance cybersecurity awareness and improve public-private collaboration in tackling cyber threats.
To streamline cybercrime reporting and response, the government has established the National Cybercrime Reporting Portal. This platform allows individuals and businesses to report cyber incidents, ensuring timely intervention by law enforcement agencies.
To effectively combat the growing cyber threats, India must adopt a comprehensive and proactive approach to cybersecurity.
Artificial intelligence and machine learning can play a crucial role in identifying and mitigating cyber threats in real time, making it essential to invest in AI-driven security solutions that enable organizations to detect anomalies and respond swiftly to potential breaches. At the same time, reducing reliance on foreign cybersecurity technology and developing indigenous solutions will help India address unique local challenges, making it imperative to encourage cybersecurity startups and foster innovation in this field. Strengthening the cybersecurity workforce is equally critical, as there is an urgent need for skilled professionals. Universities and institutions should introduce specialized cybersecurity programs to train the next generation of experts, while companies must invest in continuous training and upskilling of their IT teams. Given the global nature of cyber threats, international collaboration is essential; India should actively engage with global cybersecurity agencies, share threat intelligence, and participate in efforts to combat cybercrime. Additionally, public awareness and cyber hygiene play a crucial role in preventing attacks, necessitating government and private sector initiatives to educate citizens and businesses on
cybersecurity best practices, such as phishing scams, password security, and safe online practices.
India’s cybersecurity path is at a pivotal point. Although the nation has strengthened its cyber defences, ongoing adaptation and vigilance are necessary due to the growing sophistication of cyber attacks. India can create a more secure digital ecosystem by boosting international collaboration, developing domestic cybersecurity solutions, and investing in AI-driven threat identification.
India’s resiliency in the digital age will depend on its capacity to maintain an advantage in the cybersecurity game as fraudsters continue to modify their strategies. To guarantee that India continues to lead the world in the digital era, the public and business sectors as well as individuals must collaborate to build a safe and reliable online environment.
The author is a Research Scholar, JNU