Trend Micro Incorporated a global cybersecurity company, has released its Cyber Risk Report for 2025, highlighting India’s growing exposure to digital threats. The report identifies India as one of the most frequently targeted countries worldwide, with particular vulnerability to email-based attacks and malware.
Email remains the most exploited attack method globally, with more than 1.49 trillion threats detected in 2024. India accounted for 6.9% of these incidents—over 1.03 billion threats—making it the top contributor in Southern Asia and a significant hotspot within the broader Asia region. These numbers reflect a pressing need to strengthen email security measures across both public and private sectors.
India ranked third globally and second in Asia in malware detections, recording 19.3 million incidents—nearly 5% of global cases. Critical sectors such as banking, financial services, and government were most affected, with threats including CoinMiner, FakeMS, and Mudyupdate continuing to impact systems.
Ransomware activity also remains a concern, with India seeing 209,000 cases last year. The country accounted for 3.36% of global ransomware activity and nearly 78% within Southern Asia. Older ransomware strains, such as WannaCry, continue to be active, pointing to persistent gaps in software updates and device security.
“India’s digital growth makes it an increasingly appealing target for attackers. The threat environment is becoming more complex, requiring a shift from traditional security to more proactive and coordinated strategies,” said Sharda Tickoo, Country Manager for India & SAARC at Trend Micro. “Organizations must treat cybersecurity as a business enabler, not just a defensive necessity.”
Cybercriminals are increasingly using more sophisticated methods of deception, making scams harder to detect and more widespread. Techniques such as large-scale phishing, impersonation, and fraud have become more convincing with the help of advanced tools, posing serious challenges to traditional security measures. These developments underscore the need for enhanced vigilance and updated defense mechanisms to counter evolving threat strategies.
Web application vulnerabilities continue to be a significant concern, with many attacks exploiting system misconfigurations and poor authentication practices. As these weaknesses provide easy entry points, especially for automated attacks, organizations must prioritize secure application development, regular code reviews, and stringent access controls to reduce exposure.
Post-breach activity is becoming more streamlined and efficient, with attackers using automation to quickly extract data and profile victims. This acceleration in attack progression emphasizes the importance of reducing response times and deploying early detection systems capable of identifying threats before they escalate.
The global threat environment remains severe, with over 1.49 trillion email threats, 6.23 million ransomware cases, and more than 407 million malware detections recorded. Asia alone reported 430 billion email threats, with India contributing nearly a quarter and leading across all categories in Southern Asia. Encouragingly, organizations adopting proactive, structured security strategies have seen notable risk reductions. In India, the average Cyber Risk Index (CRI) score improved to 38.4 in 2024—a 6.2-point gain from the previous year—indicating progress in cyber risk management.
Founded in 1988, Trend Micro is a global cybersecurity company protecting organizations and individuals across digital environments—ranging from cloud platforms to enterprise networks and connected devices. With operations in 70 countries and over 7,000 employees, the company delivers advanced protection and centralized visibility to help businesses manage risks and maintain secure operations.
