India Ranks Among APAC’s Top Three Targets for Ransomware Attacks in 2025
In the rapidly evolving landscape of cybersecurity threats, India has emerged as one of the Asia-Pacific region’s top three ransomware targets in the first half of 2025. According to a recent report by cybersecurity firm Cyble, India logged 21 ransomware incidents during this period, positioning it just behind Taiwan and Singapore in the frequency of such cyberattacks.
Sectors Most Affected
The sectors most impacted by ransomware attacks in India include Information Technology (IT), Banking, Financial Services and Insurance (BFSI), and manufacturing. These industries, critical to the nation’s economic infrastructure, are facing escalating security challenges as cybercriminals continue to deploy increasingly sophisticated ransomware tactics.
Deeper Systemic Vulnerabilities: The Shadow AI Factor
While ransomware dominates headlines, experts point to deeper organizational vulnerabilities exacerbated by emerging technologies. IBM’s latest cybersecurity report highlights the average cost of a data breach in India at approximately ₹22 crore (around $2.7 million), marking a 13% increase from ₹19.5 crore in 2024. Notably, companies that integrated artificial intelligence (AI) and security automation were able to reduce breach-related costs by more than half.
Despite these benefits, about 73% of Indian organizations reported limited or no use of AI and security automation technologies. One key challenge is the phenomenon of "Shadow AI"—the use of AI tools by employees without oversight from IT or compliance teams. IBM identified Shadow AI as one of the top three contributors to the rising costs of data breaches in India, adding roughly ₹1.8 crore per incident on average. Compounding the issue, fewer than half of the surveyed organizations have policies to detect or manage Shadow AI usage.
Governance Gaps and Visibility Challenges
Governance around AI remains insufficient. Nearly 60% of organizations lack formal AI governance policies or are still in the process of drafting them. Among those with policies, only about one-third have implemented technologies for enforcement. This gap underscores the broader problem of inadequate governance frameworks in addressing evolving cybersecurity threats.
Beyond AI, Indian companies continue to struggle with visibility across their cybersecurity environments. A separate report from cybersecurity firm Infopercept revealed that 84% of Chief Information Security Officers (CISOs) admitted to lacking full visibility into vulnerabilities such as system misconfigurations, unpatched software, unprotected custom applications, and human errors.
As Infopercept cautioned, “Exposures are not attacks, but they are open doors for attackers. And most companies are leaving those doors wide open.”
Bridging the Gap Between Cybersecurity and Business Impact
Experts emphasize a significant disconnect between cybersecurity operations and their alignment with business risk priorities. Purvang Raval, Assistant Vice President of Product Marketing at Infopercept, explains, “You may have over 5,000 vulnerabilities in your environment, but in reality, only 50 of them matter most from a business risk point of view. The real gap is a lack of business context in cybersecurity decision-making.”
Raval further highlights that organizations lack a unified approach to categorizing cybersecurity risks, particularly regarding AI. “There are two distinct concerns—security with AI and security for AI. Most companies are failing at both,” he said.
Additionally, employee awareness remains a blind spot. Raval pointed out the need for comprehensive education programs targeting especially Gen Z employees to increase understanding of AI risks and digital accountability, moving beyond basic cybersecurity training.
Outlook and Recommendations
As India grapples with increasing ransomware incidents and associated cybersecurity challenges, the importance of adopting AI-driven security automation, strengthening governance frameworks, and improving threat visibility cannot be overstated. Companies are encouraged to develop robust policies addressing Shadow AI, enhance vulnerability management with business context, and invest in extensive employee education to mitigate cyber risks effectively.
With ransomware and AI-driven threats continuing to evolve, a proactive and integrated approach to cybersecurity remains critical for India’s digital economy stability.
—
For the latest updates on cybersecurity trends and technology news, keep following Smart Money Mindset.