Kaspersky GReAT flags rising cyber risks to India’s critical infrastructure heading into 2026

India needs to prioritise the protection of its critical infrastructure against sustained cyberattacks and cyberespionage as it moves into 2026, according to threat researchers at Kaspersky. Experts from the company’s Global Research and Analysis Team (Kaspersky GReAT) warn that cyber threats targeting India are expected to grow in persistence and sophistication, shaped by geopolitical tensions and the continued digitalisation of operational technology (OT) and critical systems.

According to Kaspersky GReAT, Advanced Persistent Threats (APTs) targeting India are likely to be influenced by regional dynamics, cross-border tensions and the expanding digital footprint of national infrastructure. As sectors such as power, utilities, transportation and government services adopt more connected technologies, the attack surface for threat actors is expected to widen.

“Ongoing regional tensions, hybrid warfare, and ideological hacktivism will continue to fuel both state-sponsored APTs and non-state threat actors, amplifying conflicts via digital means. Next year, geopolitics will remain the key driver for APT attacks, more destructive attacks like defacement, data leak, ransomware with politicised messaging, DDoS, and possibly more cyber operations tied to diplomatic incidents,” explains Saurabh Sharma, Lead Security Researcher for GReAT at Kaspersky.

Sharma also pointed to India’s continued push towards digital public infrastructure (DPI) as a factor that heightens the need for stronger, intelligence-led cybersecurity strategies. While initiatives aimed at digital transformation are necessary and efficient, he said they must be complemented by modern security controls capable of detecting and responding to advanced threats.

According to the Kaspersky expert, many critical infrastructure environments—such as power grids, utilities, transport networks and smart city platforms—are becoming increasingly connected, often while still relying on legacy security architectures. This convergence of IT and OT systems, he noted, creates new opportunities for attackers seeking to disrupt services rather than merely conduct espionage or data exfiltration.

“In 2026 and beyond, we’re looking at possible interference with electricity and water supplies, transport or geopolitical aftermaths, and even supply chain sabotage. India’s critical infrastructure is the backbone of its economy and public safety. As IT and OT systems converge, the role of advanced threat intelligence and integrated SOCs becomes vital to ensuring operational continuity and safeguarding national interests,” he adds.

Kaspersky GReAT said its assessment highlights the need for India to strengthen cyber resilience across critical sectors by combining traditional security controls with threat intelligence, continuous monitoring and coordinated incident response. According to the researchers, such measures will be increasingly important as cyber operations become more tightly linked to geopolitical developments and national security considerations.