Cyber Threat Forecast Part 2 - India   

Uploaded on 2025-02-05 in INTELLIGENCE-Hot Spots-China, INTELLIGENCE--International, FREE TO VIEW

Cyber Threat Forecast 2025 - Part Two - India

Part 2 of a 4-part  series that will forecast the international cyber threat landsape in 2025, beginning with North America, then India, Criminal / Hacktivist Activity, then Nation-State / Foreign Affairs. 

South Asia – A Hotbed For Malicious Cyber Activity

For part 2 of the 2025 Cyber Threat Forecast, we turn our attention to South Asia, where the Republic of India has experienced a surge of cyber activity dating back to the early months of 2024.

The majority of cyber-attacks across the region tend to focus on regional targets. However, the strained relations throughout South Asia, as well as between India and nation-states further afield, means that the explosion of cyber activity within this region of the world will likely become a more prominent threat to Indian networks as well as Western businesses throughout 2025.

Sino-Indian Disputes Transferring To Cyberspace

Although India and China have moved most of their frontline troops further from the disputed borders in the Himalayas, strains at the regional boundaries will likely result in sporadic encounters between opposing forces with both sides attempting to mitigate the risk of the outbreak of an armed conflict. 

To coincide with these hostilities, there is a realistic possibility that Chinese state actors will conduct espionage across the region to leverage India’s trade deficit and to gain the upper hand on the unresolved 2020 India-China border dispute.

India-Pakistan Tensions

Relative peace at the India-Pakistan border will likely continue following the renewal of a ceasefire along the Line of Control (LOC) in 2021. However, neither state has fully capitalised on this situation to restore bilateral ties with each government focusing on domestic issues. Further, Pakistan’s history of supporting anti-India militia, conflicting territorial claims over the regions of Jammu and Kashmir, as well as India’s historical territory incursions have maintained the risk of escalation which, if triggered, will likely impact regional business operations. 

Pakistani state-sponsored cyber groups such as Mythic Leopard and Cosmic Leopard will likely demonstrate more advanced targeting capabilities throughout 2025 by attacking the Indian government, defence, and aerospace sectors, whilst leveraging a range of cross-platform malware payloads written in Python, Golang, and Rust.

Pro-Palestinian Cyber Activism

Throughout 2024 a trend developed of pro-Palestinian hacktivist groups, such as Golden Falcon, RipperSec, and the Moroccan Dragons forming international cyber alliances to launch cyber-attacks against a range of enterprises across India.

The main attack vectors leveraged within these operations were: 

  • Distributed Denial-of-Service (DDoS) attacks to disrupt target company websites.
  • Web defacement attacks to spread propaganda.
  • Data breaches to leak sensitive information relating to target entities. 

These types of attacks will likely continue to emerge throughout 2025 with the motivation being to propagate pro-Palestinian sentiment by retaliating against the strengthening bilateral ties between India and Israel.

Examples of this include India historically being one of Israel’s biggest arms export clients and another being  India’s External Affairs Minister, Subrahmanyam Jaishankar, emphasising last year that Israel is one of India’s key national security allies. A portion of these attacks will also be launched with the objective of displaying solidarity with Kashmiris who have a history of supporting the Palestinian cause.

Based on the trend of previous attacks, the most likely targeted industries will be education, government, technology, healthcare, and finance.

Western Industry Impact

Although the majority of cyberwarfare engagements within the region of South Asia involve attacks against Indian network infrastructure, Western private companies will become increasingly impacted through supply chains based on their business footprint within India as well as relying on third-party IT management firms within the region.

To Be Continued:

Craig Watt is a Threat Intelligence Consultant at Quorum Cyber specializing in strategic and geopolitical intelligence.

Image: Ideogram

You Might Also Read:

Cyber Threat Forecast 2025 Part One - North America

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« New Study From Gen Reveals Over 600% Rise in 'Scam-Yourself' Attacks
A History Of Artificial Intelligence And Its Current & Future Development [extract] »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Viasat

Viasat

Viasat is a provider of high-speed satellite broadband services and secure networking systems covering military and commercial markets.

Cybersecurity Innovation Hub

Cybersecurity Innovation Hub

The main objective of the Hub is to bring cybersecurity and other advanced technologies closer to companies and as a result help to increase their performance as Industry 4.0.

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) is the Directorate of MCIT responsible for the security of critical information infrastructures in Afghanistan.

Threat Status

Threat Status

Threat Status are a Threat Intelligence company. We are the developers of Trillion. A cloud based Security As A Service (SaaS) platform.

InGuardians

InGuardians

InGuardians is an independent information security consulting firm specializing in penetration testing, threat hunting, and hardware hacking.

Pixm

Pixm

Pixm’s computer vision based approach offers a truly unique and effective means to protect organizations from web-based phishing attacks.

CybrHawk

CybrHawk

CybrHawk is a leading provider of information security-driven risk intelligence solutions focused solely on protecting clients from cyber-attacks.

Twingate

Twingate

Twingate help organizations secure and manage access to their technology resources in a world where people work from anywhere.

Lavabit

Lavabit

Lavabit's Dark Internet Mail Environment is a secure, open-source, secure end-to-end communications platform for asynchronous messaging across the internet.

Arcserve

Arcserve

Defend your data with Arcserve all-in-one data protection and management solutions designed to be the right fit for your business, regardless of size or complexity.

Theos Cyber Solutions

Theos Cyber Solutions

Theos Cyber provides service-first cybersecurity solutions to digital businesses in Asia.

TrustMe

TrustMe

TrustMe’s integrated platform for business trust and resilience keeps organizations safe, secure, and trustworthy.

CERT.ar

CERT.ar

CERT.ar is the national Computer Emergency Response Team for the technical-administrative management of computer security incidents in the National Public Sector of Argentina.

UFS Technology

UFS Technology

UFS, the bank technology outfitter for community banks, provides purpose-built, bank-exclusive technology services and solutions including cybersecurity.

Lithuanian Cyber Command (LTCYBERCOM)

Lithuanian Cyber Command (LTCYBERCOM)

The Lithuanian Cyber Command is responsible for planning and execution of operations in cyberspace and installation of strategic and operational communications and information systems.

NAM-CSIRT

NAM-CSIRT

NAM-CSIRT is a team established to contribute to the security and stability of critical infrastructure and critical information infrastructure of the Republic of Namibia.