Cyber Threat Forecast Part 2 - India   

Uploaded on 2025-02-05 in INTELLIGENCE-Hot Spots-China, INTELLIGENCE--International, FREE TO VIEW

Cyber Threat Forecast 2025 - Part Two - India

Part 2 of a 4-part  series that will forecast the international cyber threat landsape in 2025, beginning with North America, then India, Criminal / Hacktivist Activity, then Nation-State / Foreign Affairs. 

South Asia – A Hotbed For Malicious Cyber Activity

For part 2 of the 2025 Cyber Threat Forecast, we turn our attention to South Asia, where the Republic of India has experienced a surge of cyber activity dating back to the early months of 2024.

The majority of cyber-attacks across the region tend to focus on regional targets. However, the strained relations throughout South Asia, as well as between India and nation-states further afield, means that the explosion of cyber activity within this region of the world will likely become a more prominent threat to Indian networks as well as Western businesses throughout 2025.

Sino-Indian Disputes Transferring To Cyberspace

Although India and China have moved most of their frontline troops further from the disputed borders in the Himalayas, strains at the regional boundaries will likely result in sporadic encounters between opposing forces with both sides attempting to mitigate the risk of the outbreak of an armed conflict. 

To coincide with these hostilities, there is a realistic possibility that Chinese state actors will conduct espionage across the region to leverage India’s trade deficit and to gain the upper hand on the unresolved 2020 India-China border dispute.

India-Pakistan Tensions

Relative peace at the India-Pakistan border will likely continue following the renewal of a ceasefire along the Line of Control (LOC) in 2021. However, neither state has fully capitalised on this situation to restore bilateral ties with each government focusing on domestic issues. Further, Pakistan’s history of supporting anti-India militia, conflicting territorial claims over the regions of Jammu and Kashmir, as well as India’s historical territory incursions have maintained the risk of escalation which, if triggered, will likely impact regional business operations. 

Pakistani state-sponsored cyber groups such as Mythic Leopard and Cosmic Leopard will likely demonstrate more advanced targeting capabilities throughout 2025 by attacking the Indian government, defence, and aerospace sectors, whilst leveraging a range of cross-platform malware payloads written in Python, Golang, and Rust.

Pro-Palestinian Cyber Activism

Throughout 2024 a trend developed of pro-Palestinian hacktivist groups, such as Golden Falcon, RipperSec, and the Moroccan Dragons forming international cyber alliances to launch cyber-attacks against a range of enterprises across India.

The main attack vectors leveraged within these operations were: 

  • Distributed Denial-of-Service (DDoS) attacks to disrupt target company websites.
  • Web defacement attacks to spread propaganda.
  • Data breaches to leak sensitive information relating to target entities. 

These types of attacks will likely continue to emerge throughout 2025 with the motivation being to propagate pro-Palestinian sentiment by retaliating against the strengthening bilateral ties between India and Israel.

Examples of this include India historically being one of Israel’s biggest arms export clients and another being  India’s External Affairs Minister, Subrahmanyam Jaishankar, emphasising last year that Israel is one of India’s key national security allies. A portion of these attacks will also be launched with the objective of displaying solidarity with Kashmiris who have a history of supporting the Palestinian cause.

Based on the trend of previous attacks, the most likely targeted industries will be education, government, technology, healthcare, and finance.

Western Industry Impact

Although the majority of cyberwarfare engagements within the region of South Asia involve attacks against Indian network infrastructure, Western private companies will become increasingly impacted through supply chains based on their business footprint within India as well as relying on third-party IT management firms within the region.

To Be Continued:

Craig Watt is a Threat Intelligence Consultant at Quorum Cyber specializing in strategic and geopolitical intelligence.

Image: Ideogram

You Might Also Read:

Cyber Threat Forecast 2025 Part One - North America

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« New Study From Gen Reveals Over 600% Rise in 'Scam-Yourself' Attacks
A History Of Artificial Intelligence And Its Current & Future Development [extract] »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Cyber 360

Cyber 360

Cyber 360 is a Cybersecurity contract and fulltime placement firm dedicated to identifying and hiring Cybersecurity professionals.

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

T-ISAC Japan coordinates information sharing and activities related to ISP/telecommunications network security in Japan.

Sepio Cyber

Sepio Cyber

Sepio is the leading asset risk management platform that operates on asset existence rather than activity.

Cyjax

Cyjax

Cyjax monitors the Internet to identify the digital risks to your organisation, including cyber threats, reputational risks and the Darknet.

Entel CyberSecure

Entel CyberSecure

Entel CyberSecure is a portfolio of Cybersecurity solutions and services for the protection, defense, risk management and regulatory compliance of ICT Systems for corporations and Government.

Xperien

Xperien

Xperien is a leading South African Information Technology Asset Disposition (ITAD) company.

North West Cyber Resilience Centre (NWCRC)

North West Cyber Resilience Centre (NWCRC)

The North West Cyber Resilience Centre is a trusted, not-for-profit venture between Greater Manchester Police and Manchester Digital.

Contextual Security Solutions

Contextual Security Solutions

Contextual Security Solutions is a leading provider of penetration testing services and IT security & compliance audits.

Arcanna.ai

Arcanna.ai

Using a wide range of out-of-the box integrations, Arcanna.ai continuously learns from existing enterprise cybersecurity experts and scales your team’s capacity to deal with threats.

Prescient Solutions

Prescient Solutions

Prescient Solutions is a managed services provider, using a cloud-based model to provide IT solutions to small, mid-sized, global organizations and government entities.

Tech Vedika

Tech Vedika

Tech Vedika has access to technical guidance, training and resources from AWS to successfully undertake solution architecture, application development, application migration, and managed services.

Distology

Distology

Distology are an award-winning cloud security distributor bringing a wealth of experience and strong relationships with a huge breadth of partners covering the UK, Ireland and Benelux.

O'Reilly Media

O'Reilly Media

O’Reilly’s help professionals learn best practices and discover emerging trends that will shape the future of the tech industry.

Evo Security

Evo Security

Evo Security is an Identity and Access Management company focused exclusively on serving MSPs, MSSPs and their SMB and Mid-Market customers.

Zeus Cloud

Zeus Cloud

Zeus Cloud provide clients with world-class web hosting services to businesses both big and small.

Cyphershield

Cyphershield

Cypershield is a Security and Smart Contract audit company providing professional smart contract auditing services for varied Crypto projects.