Cyber Threat Forecast Part 2 - India   

Uploaded on 2025-02-05 in INTELLIGENCE-Hot Spots-China, INTELLIGENCE--International, FREE TO VIEW

Cyber Threat Forecast 2025 - Part Two - India

Part 2 of a 4-part  series that will forecast the international cyber threat landsape in 2025, beginning with North America, then India, Criminal / Hacktivist Activity, then Nation-State / Foreign Affairs. 

South Asia – A Hotbed For Malicious Cyber Activity

For part 2 of the 2025 Cyber Threat Forecast, we turn our attention to South Asia, where the Republic of India has experienced a surge of cyber activity dating back to the early months of 2024.

The majority of cyber-attacks across the region tend to focus on regional targets. However, the strained relations throughout South Asia, as well as between India and nation-states further afield, means that the explosion of cyber activity within this region of the world will likely become a more prominent threat to Indian networks as well as Western businesses throughout 2025.

Sino-Indian Disputes Transferring To Cyberspace

Although India and China have moved most of their frontline troops further from the disputed borders in the Himalayas, strains at the regional boundaries will likely result in sporadic encounters between opposing forces with both sides attempting to mitigate the risk of the outbreak of an armed conflict. 

To coincide with these hostilities, there is a realistic possibility that Chinese state actors will conduct espionage across the region to leverage India’s trade deficit and to gain the upper hand on the unresolved 2020 India-China border dispute.

India-Pakistan Tensions

Relative peace at the India-Pakistan border will likely continue following the renewal of a ceasefire along the Line of Control (LOC) in 2021. However, neither state has fully capitalised on this situation to restore bilateral ties with each government focusing on domestic issues. Further, Pakistan’s history of supporting anti-India militia, conflicting territorial claims over the regions of Jammu and Kashmir, as well as India’s historical territory incursions have maintained the risk of escalation which, if triggered, will likely impact regional business operations. 

Pakistani state-sponsored cyber groups such as Mythic Leopard and Cosmic Leopard will likely demonstrate more advanced targeting capabilities throughout 2025 by attacking the Indian government, defence, and aerospace sectors, whilst leveraging a range of cross-platform malware payloads written in Python, Golang, and Rust.

Pro-Palestinian Cyber Activism

Throughout 2024 a trend developed of pro-Palestinian hacktivist groups, such as Golden Falcon, RipperSec, and the Moroccan Dragons forming international cyber alliances to launch cyber-attacks against a range of enterprises across India.

The main attack vectors leveraged within these operations were: 

  • Distributed Denial-of-Service (DDoS) attacks to disrupt target company websites.
  • Web defacement attacks to spread propaganda.
  • Data breaches to leak sensitive information relating to target entities. 

These types of attacks will likely continue to emerge throughout 2025 with the motivation being to propagate pro-Palestinian sentiment by retaliating against the strengthening bilateral ties between India and Israel.

Examples of this include India historically being one of Israel’s biggest arms export clients and another being  India’s External Affairs Minister, Subrahmanyam Jaishankar, emphasising last year that Israel is one of India’s key national security allies. A portion of these attacks will also be launched with the objective of displaying solidarity with Kashmiris who have a history of supporting the Palestinian cause.

Based on the trend of previous attacks, the most likely targeted industries will be education, government, technology, healthcare, and finance.

Western Industry Impact

Although the majority of cyberwarfare engagements within the region of South Asia involve attacks against Indian network infrastructure, Western private companies will become increasingly impacted through supply chains based on their business footprint within India as well as relying on third-party IT management firms within the region.

To Be Continued:

Craig Watt is a Threat Intelligence Consultant at Quorum Cyber specializing in strategic and geopolitical intelligence.

Image: Ideogram

You Might Also Read:

Cyber Threat Forecast 2025 Part One - North America

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« New Study From Gen Reveals Over 600% Rise in 'Scam-Yourself' Attacks
A History Of Artificial Intelligence And Its Current & Future Development [extract] »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

HDI Global SE

HDI Global SE

HDI Global SE provides customised insurance solutions for industrial and commercial clients worldwide including Cyber Liability insurance.

PECB

PECB

PECB is a certification body for persons, management systems, and products on a wide range of international standards in a range of areas including Information Security and Risk Management.

e-End

e-End

e-End provides hard drive shredding, degaussing and data destruction solutions validated by the highest electronic certifcations to keep you compliant with GLB, SOX, FACTA, FISMA, HIPAA, COPPA, ITAR.

Red4Sec

Red4Sec

Red4Sec are experts in ethical hacking, audits of web and mobile applications, code audits, cryptocurrency audits, perimeter security and incident response.

iSecurity Consulting

iSecurity Consulting

iSecurity delivers a complete lifecycle of digital protection services across the globe for public and private sector clients.

Schweitzer Engineering Laboratories (SEL)

Schweitzer Engineering Laboratories (SEL)

SEL specializes in creating digital products and systems that protect, control, and automate power systems around the world.

iSTORM

iSTORM

iStorm specialise in supporting organisations who require a range of Privacy, Security and Penetration testing related services.

Kriptos

Kriptos

Kriptos helps businesses improve their cybersecurity, risk, and compliance strategies by locating critical information through a technology that automatically classifies and labels documents using AI.

Otto

Otto

Stop Client-Side Attacks. Plug otto into your application security suite and protect your supply chain.

TOTM Technologies

TOTM Technologies

TOTM Technologies provides end-to-end identity management and biometrics products, powering Digital identity and Digital onboarding solutions.

HIFENCE

HIFENCE

HIFENCE delivers cybersecurity and networking services that make your company safer and more secure. That’s all we do, so you can concentrate on all the things that you do best.

Munio

Munio

Munio is a leading Fortified IT Support and Cyber Security companies in the south east of the UK.

Bitdefender Voyager Ventures (BVV)

Bitdefender Voyager Ventures (BVV)

Bitdefender Voyager Ventures is an early-stage investment vehicle focused on cybersecurity, data analytics and automation startups.

Longbow Security

Longbow Security

Longbow automates root cause for your application and cloud risks, enabling teams with intelligent remediation actions that reduce the most risk with the least effort.

Blackwired

Blackwired

Blackwired has established a new category in cyber security with an intelligence-led model based on the USMC’s Combat Hunter programme ‘Left of Bang’.

Hicomply

Hicomply

Hicomply simplifies compliance management with smart, user-friendly tools, helping you scale your processes and stay in control - no matter how complex.