Cyber Threat Forecast Part 2 - India   

Uploaded on 2025-02-05 in INTELLIGENCE-Hot Spots-China, INTELLIGENCE--International, FREE TO VIEW

Cyber Threat Forecast 2025 - Part Two - India

Part 2 of a 4-part  series that will forecast the international cyber threat landsape in 2025, beginning with North America, then India, Criminal / Hacktivist Activity, then Nation-State / Foreign Affairs. 

South Asia – A Hotbed For Malicious Cyber Activity

For part 2 of the 2025 Cyber Threat Forecast, we turn our attention to South Asia, where the Republic of India has experienced a surge of cyber activity dating back to the early months of 2024.

The majority of cyber-attacks across the region tend to focus on regional targets. However, the strained relations throughout South Asia, as well as between India and nation-states further afield, means that the explosion of cyber activity within this region of the world will likely become a more prominent threat to Indian networks as well as Western businesses throughout 2025.

Sino-Indian Disputes Transferring To Cyberspace

Although India and China have moved most of their frontline troops further from the disputed borders in the Himalayas, strains at the regional boundaries will likely result in sporadic encounters between opposing forces with both sides attempting to mitigate the risk of the outbreak of an armed conflict. 

To coincide with these hostilities, there is a realistic possibility that Chinese state actors will conduct espionage across the region to leverage India’s trade deficit and to gain the upper hand on the unresolved 2020 India-China border dispute.

India-Pakistan Tensions

Relative peace at the India-Pakistan border will likely continue following the renewal of a ceasefire along the Line of Control (LOC) in 2021. However, neither state has fully capitalised on this situation to restore bilateral ties with each government focusing on domestic issues. Further, Pakistan’s history of supporting anti-India militia, conflicting territorial claims over the regions of Jammu and Kashmir, as well as India’s historical territory incursions have maintained the risk of escalation which, if triggered, will likely impact regional business operations. 

Pakistani state-sponsored cyber groups such as Mythic Leopard and Cosmic Leopard will likely demonstrate more advanced targeting capabilities throughout 2025 by attacking the Indian government, defence, and aerospace sectors, whilst leveraging a range of cross-platform malware payloads written in Python, Golang, and Rust.

Pro-Palestinian Cyber Activism

Throughout 2024 a trend developed of pro-Palestinian hacktivist groups, such as Golden Falcon, RipperSec, and the Moroccan Dragons forming international cyber alliances to launch cyber-attacks against a range of enterprises across India.

The main attack vectors leveraged within these operations were: 

  • Distributed Denial-of-Service (DDoS) attacks to disrupt target company websites.
  • Web defacement attacks to spread propaganda.
  • Data breaches to leak sensitive information relating to target entities. 

These types of attacks will likely continue to emerge throughout 2025 with the motivation being to propagate pro-Palestinian sentiment by retaliating against the strengthening bilateral ties between India and Israel.

Examples of this include India historically being one of Israel’s biggest arms export clients and another being  India’s External Affairs Minister, Subrahmanyam Jaishankar, emphasising last year that Israel is one of India’s key national security allies. A portion of these attacks will also be launched with the objective of displaying solidarity with Kashmiris who have a history of supporting the Palestinian cause.

Based on the trend of previous attacks, the most likely targeted industries will be education, government, technology, healthcare, and finance.

Western Industry Impact

Although the majority of cyberwarfare engagements within the region of South Asia involve attacks against Indian network infrastructure, Western private companies will become increasingly impacted through supply chains based on their business footprint within India as well as relying on third-party IT management firms within the region.

To Be Continued:

Craig Watt is a Threat Intelligence Consultant at Quorum Cyber specializing in strategic and geopolitical intelligence.

Image: Ideogram

You Might Also Read:

Cyber Threat Forecast 2025 Part One - North America

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« New Study From Gen Reveals Over 600% Rise in 'Scam-Yourself' Attacks
A History Of Artificial Intelligence And Its Current & Future Development [extract] »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Snow Software

Snow Software

Snow Software is changing the way organizations think about their technology investments, empowering IT and business leaders to drive transformation with precision and agility.

Indium Software

Indium Software

Indium Software is an Independent Software Testing Company offering software testing services (including security testing) and offshore Quality Assurance solutions.

Kaymera Technologies

Kaymera Technologies

Kaymera’s comprehensive mobile enterprise security solution defends against all mobile threat and attack vectors.

Hexatrust

Hexatrust

The HEXATRUST club was founded by a group of French SMEs that are complementary players with expertise in information security systems, cybersecurity, cloud confidence and digital trust.

OneSpan

OneSpan

OneSpan (formerly Vasco Data Security) is a global leader in digital identity security, transaction security and business productivity.

Concentric AI

Concentric AI

Concentric Data Risk Monitoring and Protection. Deep Learning to discover, monitor and remediate risks to sensitive data on-premises and in the cloud.

InsightCyber

InsightCyber

InsightCyber is on a mission to keep the world’s critical infrastructure, supply chains, and manufacturing operations cyber-safe, helping to prevent attacks that can have catastrophic impacts.

Tactical Network Systems (TNS)

Tactical Network Systems (TNS)

Tactical Network Solutions helps you discover hidden attack vectors in IoT and connected devices before someone else does.

Futurae Technologies

Futurae Technologies

Futurae - enabling trust and invisible security for your users on all devices and applications. Strong customer authentication (SCA) made easy.

Atlant Security

Atlant Security

Atlant Security is a cyber and IT security company offering consulting and implementation services.

McAfee

McAfee

McAfee is a worldwide leader in online protection. We’re focused on protecting people, not devices. Our solutions adapt to our customers’ needs and empower them to confidently experience life online.

CloudScale365

CloudScale365

CloudScale365 offers state-of-the-art managed IT services and cloud, hosting, security, and business continuity solutions.

IGI Cybersecurity

IGI Cybersecurity

IGI Cybersecurity delivers people-driven cybersecurity for personalized, resilient cyber defense focused on individualized strategy and unshakeable partnership.

Hawk AI

Hawk AI

Hawk AI’s mission is to help financial institutions detect financial crime more effectively and efficiently using AI to enhance rules and find anomalies.

Security Risk Advisors (SRA)

Security Risk Advisors (SRA)

Security Risk Advisors deliver cybersecurity services to leading companies in the Financial Services, Healthcare, Pharmaceuticals, Technology and Retail industries.

Cyber Qubits

Cyber Qubits

Cyber Qubits is a cybersecurity training and consulting company focused on developing the next generation of cybersecurity professionals.

Offenso Hackers Academy

Offenso Hackers Academy

At Offenso we focus on cyber security training focused on producing cyber security professionals with a wide range of abilities to counter threats from the internet and cloud to a business.