cyber threats: India faces 370 million malware attacks in 2024, healthcare and hospitality among top targets: report

Nearly 370 million malware attacks were detected in India in 2024, averaging 702 detections per minute, highlighting the scale and intensity of cyber threats facing the country, according to a study by the Data Security Council of India and cybersecurity company Seqrite.

Further, one million ransomware detections were reported over the year.

Healthcare was the most targeted industry, facing almost 22% of attacks, followed by hospitality at about 20%, banking and financial services institutions at 17%, education at 16%, and micro, small and medium enterprises at 8%.

Chief executive of DSCI, Vinayak Godse, highlighted the need for financial incentives for some sectors to enable them to invest adequately in cybersecurity if they are not in a position to do so. Incentives are also needed for MSMEs to avail of cyberinsurance, he said.

The DSCI has made representations to the government on this, he said.

“If the government can invest to make the entire cyberspace secure, if a file coming to you is secure, then you may not be required to invest that much into cybersecurity,” he added, speaking at the report launch at the DSCI-Nasscom Annual Information Security Summit in New Delhi on Wednesday.

Also Read: India tops list of global malware attacks: Zscaler reportGeographically, India’s IT centre Bengaluru accounted for about 12% of threats detected. Notably, emerging commercial centres like Surat and Jaipur also saw significant attacks, at about 15% and 12%, respectively. State-wise, Telangana and Tamil Nadu were found to be the hotspots, facing 15% and 12% of attacks, respectively.

Regulations and norms to disclose cyber incidents may help to put greater pressure on leadership to improve cybersecurity postures, given the potential reputational damage of breaches, said Vishal Salvi, CEO of Quick Heal Technologies, the parent company of Seqrite.

Personal and user devices saw about 12 attacks per month, the study found.

Malware was the most common type of threats found, accounting for 42%, followed by potentially unwanted programmes (PUP) at 32%. Trojan malware was the most prevalent, at 43% of detected malware, followed by Infector at 34%, and Worm at 8%, among others.

The study spanned a network of 8.4 million endpoints.

Even as AI-based cyberattacks such as deepfakes can intensify and become more realistic in 2025, we can expect greater technological innovation and maturity of solutions to detect these and make them available to people, Salvi added.

Also Read: Cybersecurity in healthcare to grow from reactive to proactive measures