India Emerges as Ransomware Hotspot in APAC Region

According to a recent report by cybersecurity firm Cyble, India has emerged as one of the most targeted nations in the Asia-Pacific (APAC) region for ransomware attacks. In the first half of 2025, India recorded 21 such incidents, placing it behind only Taiwan (37 attacks) and Singapore (32 attacks) in the regional rankings.

The report highlights a dangerous consolidation of capabilities among criminal syndicates behind these attacks. Just three ransomware operators - CL0P, Akira, and Qilin - were responsible for 34% of all known incidents globally during this period, showcasing a worrying trend.

In India, the primary industry sectors under threat were Information Technology, Banking, Financial Services and Insurance (BFSI), and Manufacturing. Ransomware groups like Qilin, RansomHub, and Medusa are actively exploiting sector-specific vulnerabilities and regional tensions to target Indian firms, which they view as high-value victims.

The report also notes a growing trend in supply chain attacks, especially against technology and telecom vendors serving Indian enterprises. This tactic allows cybercriminals to potentially compromise a wider network of companies through a single point of entry.

Cyble's CEO and Founder, Beenu Arora, stated that "India's growing digital economy makes it a lucrative target for cybercriminals." As the country continues to digitize, the threat of ransomware and other cyber threats is likely to persist, requiring robust cybersecurity measures and vigilance from both the public and private sectors.