As India continues to experience a persistent volume of cyber threats delivered through the web, Kaspersky’s detection and blocking of more than 50 lakh malicious attack detections across Indian businesses in 2025 raises serious concerns.
Organisations in India continue to experience a persistent volume of cyber threats delivered through the web, with Kaspersky detecting and blocking more than 50 lakh malicious attack detections across Indian businesses in 2025.
These web-based threats, including compromised websites, malicious downloads, and other online attack vectors that can lead to unauthorised system access and data exposure, were observed across Indian organisations throughout last year.
Kaspersky detected and blocked 5,031,065 web-based threat incidents targeting businesses in India in 2025, reflecting a 10% year-on-year increase from 2024.
“Web-based threats targeting businesses in India are growing year-on-year, and the numbers tell a clear story, India’s rapid digital transformation is expanding the attack surface faster than many organisations can secure it. As more enterprises come online, their exposure to sophisticated cyberattacks only deepens. What makes this even more pressing is the role AI now plays in the hands of threat actors, enabling attacks that are more targeted, more adaptive, and increasingly difficult to detect,” comments Jaydeep Singh, General Manager for India, Kaspersky.
India’s regulatory landscape is evolving in step with these threats. CERT-In handled nearly 29.44 lakh cyber incidents in 2025 alone, a figure that underscores just how seriously both government and industry are treating data security. Yet readiness remains uneven, many organisations are still in the early stages of compliance and governance, and the window of exposure remains significant.
“What makes this even more pressing is the role AI now plays in the hands of threat actors, enabling attacks that are more targeted, more adaptive, and increasingly difficult to detect.”
-Jaydeep Singh, General Manager for India, Kaspersky
“While it is encouraging to see awareness and cybersecurity investment rising in response to the shifting threat landscape, organisations in India cannot afford to move at a measured pace. Organisations here must treat cybersecurity not as a checkbox but as a business imperative. Keeping systems updated, enforcing strong access controls, and investing in 24/7 threat monitoring are no longer optional, they are the baseline for operating safely in today’s digital economy,” he adds.
What are web threats?
Internet-based threats expose people and computer systems to harm online.
Web threats are not limited to online activity but ultimately involve the internet at some stage for inflicted harm. While not all web threats are created deliberately, many are intended or have the potential to cause:
- Access denial. Prevention of entry to a computer and/or network services.
- Access acquisition. Unauthorized or unwanted entry into a private computer and/or network services.
- Unauthorized or unwanted use of computer and/or network services.
- Exposing private data without permission, such as photos, account credentials, and sensitive government information.
- Unauthorized or undesired changes to a computer and/or network services.
In recent years, the landscape of web threats has grown significantly. Technologies like smart devices and high-speed mobile networks have allowed for an always-connected vector of malware, fraud, and other complications. Also, web adoption in areas like communications and productivity via the Internet of Things (IoT) has outpaced user security awareness.
Staying Protected in an Always Connected Environment
To reduce exposure to web-based threats, Kaspersky encourages organisations to:
- Keep operating systems, browsers, and applications up to date to reduce exposure to vulnerabilities.
- Use strong, unique passwords for online services as well as remote access tools, and enable two-factor authentication (2FA) whenever possible to limit the impact of compromised credentials.
- Augment your existing security controls with human-led detection and global threat intelligence through solutions like Kaspersky Managed Detection and Response (MDR), an expert-led service offering 24/7 monitoring, detection, investigation and rapid response to sophisticated cyberattacks.
- Receive a comprehensive and detailed analysis of security incidents with Kaspersky Incident Response. This service covers the entire investigation and response process, including initial containment, evidence collection, identification of the primary attack vector, and development of an effective mitigation plan.
- Align your internal processes and technologies with today’s evolving threat landscape through Kaspersky SOC Consulting. This service helps you build an in-house SOC from scratch, assess the maturity of an existing SOC or enhance specific capabilities such as detection and response procedures.
- Use centralized and automated solutions such as Kaspersky Next XDR Expert to enable comprehensive protection of all your assets. By aggregating and correlating data from multiple sources in one place and using machine-learning technologies, this solution provides effective threat detection and fast automated response.
