TLDR: India is facing a severe cybersecurity challenge, experiencing over 3,000 cyberattacks per organization weekly, significantly higher than the global average. This surge is exacerbated by the increasing use of generative AI (GenAI) in sophisticated attack campaigns, leading to accelerated threats, disinformation, and data risks. Check Point Research highlights education, telecommunications, and government as prime targets, urging a prevention-first, AI-powered defense strategy.
New reports from Check Point Research reveal an escalating cyber threat landscape in India, with organizations enduring an average of 3,237 to 3,291 cyberattacks per week. This figure starkly contrasts with the global average of 1,994 weekly attacks, underscoring India’s heightened vulnerability in the digital realm. The findings are detailed in Check Point’s ‘Global Threat Intelligence Report for August 2025’ and ‘The State of Global Cyber Security 2025’ annual report.
A significant factor contributing to this surge is the increasing role of generative AI (GenAI) in cyber-attacks. The year 2024 saw GenAI being leveraged to accelerate attack speeds, facilitate disinformation campaigns, create deepfake videos, steal money, and influence public opinion. This technological advancement in offensive capabilities presents new challenges for cybersecurity defenses.
Globally, the education sector remains the most targeted, experiencing an average of 4,178 weekly attacks per organization, a 13% increase year-over-year. This is attributed to ongoing digitization and often underfunded security measures. Telecommunications companies faced 2,992 weekly attacks (+28% YoY), while government institutions recorded 2,634 weekly attacks (+3%). The agriculture sector witnessed the most dramatic growth in attacks, at 101% year-over-year, with 1,667 incidents, highlighting attackers’ interest in exploiting global supply chains.
In India, the healthcare sector was the most heavily impacted, suffering 8,614 weekly attacks per organization, followed by Education/Research (7,983) and Government/Military (4,731). The prevalent malware strains identified in India include Remote Access Trojans (RATs), the Infostealer ‘Formbook’, the ‘Maze’ ransomware, and a botnet and downloader known as ‘FakeUpdates’.
Ransomware continues to be a highly disruptive threat, with 531 publicly reported incidents globally in August, marking a 14% year-over-year increase. North America accounted for 57% of these cases, followed by Europe at 24%. Leading ransomware groups such as Qilin (16% of attacks), Akira (8%), and Inc. Ransom (6%) have been particularly active, with Inc. Ransom notably targeting healthcare and education sectors.
Omer Dembinsky, Data Research Manager at Check Point Research, emphasized the gravity of the situation: “August’s threat data makes one thing clear: cyberattacks are intensifying in both volume and impact. Education, telecoms, and agriculture are being targeted because they are essential and because attackers know disruption here creates maximum leverage. With ransomware rising and AI accelerating attack speed, the only sustainable path forward is a prevention-first, AI-powered strategy.”
Maya Horowitz, VP of Research at Check Point Software, added, “Cyber security in 2025 is not only about protecting networks; it’s about safeguarding trust in our systems and institutions. The State of Global Cyber Security 2025 highlights the rapid evolution of threats and reinforces the need for resilience in the face of persistent and complex adversaries.”
In a separate incident in May, India also faced a critical data breach that exposed 500 GB of biometric data, including fingerprints and facial scans, affecting police, military personnel, and public workers during elections. This breach, linked to unsecured databases managed by ThoughtGreen Technologies and Timing Technologies, underscored the growing risks to India’s biometric systems.
Also Read:
- India’s Ambitious AI Drive: From Sovereign Models to a Skilled Workforce
- Generative AI: Transforming Industries with Key Automation Use Cases and India’s Surging Startup Ecosystem in 2025
To combat these evolving threats, Check Point Software recommends several key actions for CISOs: strengthening BYOD (Bring Your Own Device) security, investing in AI-driven threat intelligence tools, enhancing proactive patch management, securing edge devices like routers and VPNs, and focusing on overall cyber resilience with comprehensive incident response plans and continuous monitoring.
