India witnessed an alarming spike in cyber intrusions in 2025, recording 265 million cyber attacks targeting enterprises, critical infrastructure, and small businesses — according to the newly released India Cyber Threat Report 2026 by Seqrite, the enterprise cybersecurity arm of Quick Heal Technologies.
Next Generation Antivirus (NGAV) and Anti-Ransomware (ARW) engines detected over 34 million unusual activities. Ransomware incidents were highest in January 2025, with 185 cases and 113,000 detections.
There were also 6.5 million instances of cryptojacking, which is when someone uses a device to mine cryptocurrency without the owner’s permission.
Network-based attacks surpassed 9.2 million scans, often targeting WordPress plugins, Apache Tomcat, and SysAid systems.
In terms of geography, Maharashtra (36.1 million detections), Gujarat (24.1 million), and Delhi (15.4 million) were the states most affected. The cities of Mumbai, New Delhi, and Kolkata were identified as the top targets.
Looking at different industries, the Education, Healthcare, and Manufacturing sectors together accounted for nearly 47% of all detections.
Additionally, the India Cybersecurity Preparedness 2026 Survey shows that while many organizations have strong adoption rates for advanced malware protection (86.7%) and backup readiness (78.5%), there are still significant gaps in areas such as incident response, secure configuration, and asset hygiene. With an average preparedness maturity score of 6.37 out of 10, India’s overall cybersecurity readiness is uneven, leaving organizations exposed to modern and quickly evolving threats.
India’s digital expansion, cloud adoption, and large user base continue to attract ransomware syndicates, state-aligned actors, and cybercriminal groups. Cyberattack campaigns such as Operation Sindoor reflect the rise of hybrid attacks driven by financial, political and ideological motives.
The India Cyber Threat Report 2026 presents detailed insights on advanced persistent threat activity, zero-day vulnerabilities, ransomware campaigns, malware families, and shifting attack patterns.
Sanjay Katkar, Joint Managing Director from Quick Heal Technologies Ltd., said, “India’s cyber security landscape stands at a critical juncture, facing unprecedented threats. The India Cyber Threat Report 2026 is aimed at providing policymakers, enterprises, and citizens with the intelligence needed to understand evolving threats and engage in proactive cybersecurity practices.”
View full report: https://www.seqrite.com/india-cyber-threat-report-2026/
