Kaspersky blocks over 50 lakh web attacks on Indian businesses in 2025 as threat landscape intensifies

By Express Computer On Apr 24, 2026

India’s rapidly expanding digital economy is increasingly becoming a target for cybercriminals, with Kaspersky reporting that it blocked over 50 lakh web-based attacks on businesses across the country in 2025. The cybersecurity firm recorded 5,031,065 web threat incidents, marking a 10% year-on-year increase and underscoring the growing scale and sophistication of online threats.

These attacks, ranging from compromised websites and malicious downloads to advanced online attack vectors, highlight how organisations remain persistently exposed to risks that can lead to unauthorised access, data breaches, and operational disruptions.

According to Jaydeep Singh, General Manager for India at Kaspersky, the surge in attacks is closely tied to India’s accelerated digital transformation. As enterprises adopt digital technologies at scale, their attack surface is expanding faster than their ability to secure it.

“Web-based threats targeting businesses in India are growing year-on-year, and the numbers tell a clear story. India’s rapid digital transformation is expanding the attack surface faster than many organisations can secure it,” Singh noted. He also pointed to the increasing use of artificial intelligence by threat actors, enabling attacks that are more targeted, adaptive, and harder to detect.

The broader cybersecurity landscape in India reflects similar trends. Data from CERT-In reveals that nearly 29.44 lakh cyber incidents were handled in 2025, indicating heightened vigilance from both government and industry. However, preparedness remains inconsistent, with many organisations still in early stages of compliance, governance, and cyber resilience.

Singh emphasised that cybersecurity must now be treated as a core business imperative rather than a compliance requirement. “Keeping systems updated, enforcing strong access controls, and investing in 24/7 threat monitoring are no longer optional—they are the baseline for operating safely in today’s digital economy,” he added.

Understanding web-based threats

Web threats encompass a broad range of internet-driven risks that can compromise systems and data. These include attempts to deny access to systems, gain unauthorised entry, misuse network services, expose sensitive information, or alter systems without permission. While some threats are accidental, many are deliberately designed to exploit vulnerabilities.

The rise of always-connected environments, driven by IoT adoption, smart devices, and high-speed connectivity, has further amplified these risks. In many cases, technology adoption has outpaced user awareness and security preparedness, creating gaps that attackers actively exploit.

Building resilience in an always-connected world

To counter the growing threat landscape, organisations need to adopt a proactive and layered cybersecurity approach. This includes maintaining updated systems and applications, enforcing strong authentication measures such as two-factor authentication, and leveraging advanced threat detection and response capabilities.

Kaspersky recommends integrating managed detection and response (MDR) services for continuous monitoring, alongside robust incident response frameworks to quickly contain and mitigate attacks. Additionally, organisations are encouraged to invest in security operations centre (SOC) capabilities and adopt extended detection and response (XDR) platforms for centralized visibility and faster, automated threat response.

As cyber threats continue to evolve in scale and complexity, the message is clear: organisations must move beyond reactive security measures and embed cybersecurity into the core of their digital strategy.