India a Top APAC Target in Ransomware Surge Globally: Cyble H1 2025 Report

Cyble, the global leader in threat intelligence and cybercrime monitoring, has released its Global Threat Landscape Report: H1 2025, revealing a sharp rise in ransomware and supply chain attacks across the world—with India emerging as one of the most targeted nations in the APAC region.

According to the report, India recorded 21 ransomware attacks in the first half of 2025, placing it behind only Taiwan and Singapore in regional rankings. The primary sectors under siege were Information Technology, BFSI (Banking, Financial Services, and Insurance), and Manufacturing.

“India's growing digital economy makes it a lucrative target for cybercriminals. Ransomware groups are actively exploiting sector-specific vulnerabilities and regional tensions,” said Beenu Arora, CEO and Founder of Cyble. “Our data shows a marked increase in precision targeting—especially by ransomware gangs like Qilin, RansomHub, and Medusa—who are treating Indian firms as high-value victims.”

Also Read: Strategies for Consumer and Digital Banks to Build a Resilient Risk Culture

Key APAC Findings from the Report:

Taiwan (37), Singapore (32), and India (21) were the most targeted countries in APAC.
Qilin led the region with 32 attacks, often deploying affiliate-driven, Ransomware-as-a-Service (RaaS) campaigns.
RansomHub and NightSpire targeted Construction, Manufacturing, and Technology firms.
APAC ransomware groups are leveraging geopolitical conflicts and regional instability to time attacks with maximum disruption.

A growing trend in supply chain attacks was observed—especially against technology and telecom vendors serving Indian enterprises.

Globally, the report tracks a 54 percent year-over-year increase in ransomware attacks, totaling 3,201 incidents in H1 2025. Just three ransomware operators—CL0P, Akira, and Qilin—were responsible for 34 percent of all known incidents, showing a dangerous consolidation of capabilities.

Also Read: Top 5 High-Growth Sectors to Invest in Asia Right Now

Report Now Available

Cyble’s Global Threat Landscape Report: H1 2025 offers a region-wise breakdown of ransomware campaigns, zero-day CVEs, threat actor profiles, and sector-specific insights—critical for India’s private sector, policymakers, and security leaders.

Source : Press Release