India experienced 21 ransomware attacks in the first half of 2025.The IT, banking, and manufacturing industries in India were among the top three targets for ransomware attacks in the Asia-Pacific region in the first half of 2025.
This increase is mostly due to India’s rapid digital transition and disparate levels of cybersecurity preparedness. Many businesses, particularly small and medium-sized ones, still lack the robust security protocols and skilled personnel necessary to effectively stop or manage ransomware attacks. This makes them easier targets for hackers.
According to media reports,Indian companies paid an average of $1.2 million in ransom to hackers to get their data decrypted.For the third time in four months since RansomHub’s decline, Qilin was the most active ransomware group in July.
The ransomware-as-a-service criminal group Qilin also called Agenda, encrypts and exfiltrates the data of compromised organizations, then demands payment in exchange for the data.
Despite the fact that the name is based on a Chinese mythological creature that combines the characteristics of a dragon and a horned beast, the criminal group responsible for the Qilin ransomware attack seems to have ties to Russia.
