Cyber Threat Forecast Part 2 - India   

Uploaded on 2025-02-05 in INTELLIGENCE-Hot Spots-China, INTELLIGENCE--International, FREE TO VIEW

Cyber Threat Forecast 2025 - Part Two - India

Part 2 of a 4-part  series that will forecast the international cyber threat landsape in 2025, beginning with North America, then India, Criminal / Hacktivist Activity, then Nation-State / Foreign Affairs. 

South Asia – A Hotbed For Malicious Cyber Activity

For part 2 of the 2025 Cyber Threat Forecast, we turn our attention to South Asia, where the Republic of India has experienced a surge of cyber activity dating back to the early months of 2024.

The majority of cyber-attacks across the region tend to focus on regional targets. However, the strained relations throughout South Asia, as well as between India and nation-states further afield, means that the explosion of cyber activity within this region of the world will likely become a more prominent threat to Indian networks as well as Western businesses throughout 2025.

Sino-Indian Disputes Transferring To Cyberspace

Although India and China have moved most of their frontline troops further from the disputed borders in the Himalayas, strains at the regional boundaries will likely result in sporadic encounters between opposing forces with both sides attempting to mitigate the risk of the outbreak of an armed conflict. 

To coincide with these hostilities, there is a realistic possibility that Chinese state actors will conduct espionage across the region to leverage India’s trade deficit and to gain the upper hand on the unresolved 2020 India-China border dispute.

India-Pakistan Tensions

Relative peace at the India-Pakistan border will likely continue following the renewal of a ceasefire along the Line of Control (LOC) in 2021. However, neither state has fully capitalised on this situation to restore bilateral ties with each government focusing on domestic issues. Further, Pakistan’s history of supporting anti-India militia, conflicting territorial claims over the regions of Jammu and Kashmir, as well as India’s historical territory incursions have maintained the risk of escalation which, if triggered, will likely impact regional business operations. 

Pakistani state-sponsored cyber groups such as Mythic Leopard and Cosmic Leopard will likely demonstrate more advanced targeting capabilities throughout 2025 by attacking the Indian government, defence, and aerospace sectors, whilst leveraging a range of cross-platform malware payloads written in Python, Golang, and Rust.

Pro-Palestinian Cyber Activism

Throughout 2024 a trend developed of pro-Palestinian hacktivist groups, such as Golden Falcon, RipperSec, and the Moroccan Dragons forming international cyber alliances to launch cyber-attacks against a range of enterprises across India.

The main attack vectors leveraged within these operations were: 

  • Distributed Denial-of-Service (DDoS) attacks to disrupt target company websites.
  • Web defacement attacks to spread propaganda.
  • Data breaches to leak sensitive information relating to target entities. 

These types of attacks will likely continue to emerge throughout 2025 with the motivation being to propagate pro-Palestinian sentiment by retaliating against the strengthening bilateral ties between India and Israel.

Examples of this include India historically being one of Israel’s biggest arms export clients and another being  India’s External Affairs Minister, Subrahmanyam Jaishankar, emphasising last year that Israel is one of India’s key national security allies. A portion of these attacks will also be launched with the objective of displaying solidarity with Kashmiris who have a history of supporting the Palestinian cause.

Based on the trend of previous attacks, the most likely targeted industries will be education, government, technology, healthcare, and finance.

Western Industry Impact

Although the majority of cyberwarfare engagements within the region of South Asia involve attacks against Indian network infrastructure, Western private companies will become increasingly impacted through supply chains based on their business footprint within India as well as relying on third-party IT management firms within the region.

To Be Continued:

Craig Watt is a Threat Intelligence Consultant at Quorum Cyber specializing in strategic and geopolitical intelligence.

Image: Ideogram

You Might Also Read:

Cyber Threat Forecast 2025 Part One - North America

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« New Study From Gen Reveals Over 600% Rise in 'Scam-Yourself' Attacks

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Hack Miami

Hack Miami

HackMiami is the premier resource in South Florida for highly skilled hackers that specialize in vulnerability analysis, penetration testing, digital forensics, and all manner of IT security.

SAMATE

SAMATE

The Software Assurance Metrics And Tool Evaluation project is an inter-agency project between the US Department of Homeland Security and NIST.

Military Cyber Professionals Association (MCPA)

Military Cyber Professionals Association (MCPA)

MCPA are a team of Soldiers, Sailors, Airmen, Marines, Veterans and others interested in the development of the American military cyber profession.

SISSDEN

SISSDEN

SISSDEN will improve cybersecurity through the development of increased awareness and the effective sharing of actionable threat information.

7 Elements

7 Elements

7 Elements is an independent IT security testing company providing expertise in technical information assurance through security testing, incident response and consultancy.

vdiscovery

vdiscovery

vdiscovery is a provider of proprietary and best-in-breed solutions in computer forensics, document review, and electronic discovery.

Corelight

Corelight

Corelight is the most powerful network visibility solution for information security professionals.

CyberSec Hub - The Kosciuszko Institute

CyberSec Hub - The Kosciuszko Institute

The goal of CyberSec Hub is to create a centre of excellence for cybersecurity in Krakow, a new European “Cyber-Silicon Valley”.

Binare

Binare

Binare empowers companies all over the world to improve their IIot/IoT /Embedded cybersecurity posture and digital privacy.

Stripe OLT

Stripe OLT

At Stripe OLT, we provide complete business technology solutions - Our team has an unrivalled reputation as a Microsoft Gold Partner, specialising in secure, cloud-first technology.

Navisite

Navisite

Navisite is a combination of eight respected IT consulting and managed service providers that were brought together under the Navisite brand.

Binarii Labs

Binarii Labs

Binarii are focused on helping enterprises to design and deploy SaaS solutions that utilise DLT (Digital Ledger Technology) effectively, efficiently and sensibly.

Denodo

Denodo

Denodo transforms the way organizations operate by unifying their data assets in real time and making data ubiquitous and secure to all users and business applications.

Barclay Simpson

Barclay Simpson

Barclay Simpson is proud to have a long history of delivering cyber security, technology and governance recruitment services.

US Cyber Games

US Cyber Games

US Cyber Games is committed to inform and inspire the broader community on ways to develop tomorrow’s cybersecurity workforce.

Future Crime Research Foundation (FCRF)

Future Crime Research Foundation (FCRF)

FCRF is a Non-Profit NGO specializing in Research in Cyber Security, Digital Crime, Fraud Risk Management, Cyber Laws and Cyber Forensics.