Trend Micro 2025 Cyber Risk Report: AI-Driven Threats Intensify India’s Cyber Profile
Mumbai, June 10, 2025 – Trend Micro, a global cybersecurity leader, has released its 2025 Cyber Risk Report, offering crucial insights into India’s escalating vulnerability to evolving cyber threats. The report’s findings underscore India’s persistent position as one of the most targeted countries globally across all threat vectors, particularly in the face of rampant email and malware threats. By analyzing telemetry data from 2024, the report identifies exposure points and deciphers attacker behavior, providing a roadmap for proactive countermeasures and transforming security from a challenge into a catalyst for innovation and business growth.
Email Threats: India’s Foremost Cybersecurity Concern
Globally, email remains the primary attack vector, with over 1.49 trillion threats detected. India alone accounted for a significant 6.9% of these incidents, highlighting the immense scale of the challenge. Within Asia, India was responsible for a staggering 23.92% of email-based threats, and a dominant 90.78% in Southern Asia, cementing its status as the region’s primary hotspot. In absolute terms, India recorded over 1.03 billion email threats, reflecting widespread exposure across industries and underscoring the urgent need for enhanced email security infrastructure.
Malware and Ransomware Persist as Major Threats to Indian Enterprises
India continues to be a top target for cyber threats, ranking 3rd globally and 2nd in Asia with 19.3 million malware detections, representing 4.74% of global activity. The Banking, Financial Services, and Government sectors bore the brunt of these attacks, frequently targeted by malware families such as CoinMiner, FakeMS, and Mudyupdate. Ransomware also remains a significant concern in the region, with India accounting for 3.36% of global ransomware detections and a staggering 77.68% within Southern Asia. In 2024 alone, 209,000 ransomware incidents were reported, with WannaCry (WCRY) being the most frequently observed variant. The continued efficacy of such older threats points to persistent gaps in patching and endpoint security across organizations.
Commenting on these findings, Sharda Tickoo, Country Manager for India & SAARC, Trend Micro, stated: “India’s expanding digital footprint inherently makes it an attractive target for cybercriminals. From ransomware and malware to sophisticated email threats, attackers are demonstrating increasing persistence and adaptability. With AI profoundly transforming the threat landscape, it is imperative that businesses in India recognize the dual-edged nature of these technologies. Now is the opportune moment for proactive, intelligence-driven cybersecurity strategies that extend far beyond basic defenses.”
Global Insights and AI’s Impact on Cybercrime
Beyond India-specific insights, the report offers a global perspective, detailing notable uses of AI in cybercrime and highlighting prominent Advanced Persistent Threat (APT) campaigns. Key global findings include:
- AI-driven Exploitation and Deception: Threat actors are increasingly leveraging generative AI for disinformation campaigns, advanced phishing, and elaborate scams such as pig butchering and virtual kidnapping. The use of deepfakes and malicious digital twins makes these attacks significantly more convincing and harder to detect. Conversely, AI also empowers network defenders, enabling better prediction and prevention of cyberattacks, as exemplified by industry-first security LLMs.
- LLM and Rogue AI Risks: The OWASP Top 10 for Large Language Models (LLMs) identifies critical web application security risks, including embedding weaknesses and misinformation. Rogue AI threats can also emerge from attacker manipulation, human error, or technological limitations.
- Enhanced Post-Breach Tactics: AI facilitates faster, large-scale reconnaissance by automating data extraction and analysis, enabling cybercriminals to identify vulnerable victims and escalate attacks more efficiently.
Global & Regional Threat Patterns at a Glance:
- Globally, email threats surged past 49 trillion, ransomware incidents reached 6.23 million, and malware detections surpassed 407 million.
- Asia experienced over 430 billion email threats, with India contributing nearly a quarter of these.
- In Southern Asia, India significantly dominated all threat categories: 78% of email threats, 93.82% of malware, and 77.68% of ransomware.
- Organizations that proactively adopted robust security measures demonstrated measurable reductions in cyber risk, achieving an average score of 38.4 for the year on the Cyber Risk Index (CRI), a 6.2-point improvement from 2023.
Recommendations for Lowering Cyber Risk:
To effectively lower their Cyber Risk Index, Trend Micro urges organizations to:
- Optimize Security Settings: Maximize product features to receive timely alerts on misconfigurations, vulnerabilities, and other risks. This includes leveraging native sensors and third-party sources to build a comprehensive view of the attack surface.
- Verify and Investigate Risky Events: Promptly contact device and/or account owners upon detection of a risky event to verify and investigate, utilizing advanced search functionalities within security platforms.
- Conduct Stale Account Inventory: Regularly delete inactive and unused accounts, disable risky accounts, reset passwords with strong credentials, and enable multi-factor authentication (MFA).
- Apply Timely Patches and Upgrades: Consistently apply the latest security patches and regularly upgrade application/OS versions to mitigate known vulnerabilities.
About Trend Micro:
Trend Micro, a global cybersecurity leader, is dedicated to making the world safer for digital information exchange. Bolstered by decades of security expertise, extensive global threat research, and continuous innovation, Trend Micro’s AI-powered cybersecurity platform safeguards hundreds of thousands of organizations and millions of individuals across diverse environments including clouds, networks, devices, and endpoints. As a recognized leader in cloud and enterprise cybersecurity, Trend Micro’s platform delivers a powerful array of advanced threat defense techniques optimized for major platforms and offers central visibility for superior, faster detection and response. With a workforce of 7,000 employees across 70 countries, Trend Micro empowers organizations to simplify and secure their interconnected world.