/vnd/media/agency_attachments/bGjnvN2ncYDdhj74yP9p.png)
/vnd/media/media_files/2025/09/20/cert-in-sets-the-rules-2025-09-20-13-02-25.jpg)
Check Point Software Technologies, has published its latest Threat Intelligence Report focused on India. According to the report, the education and research sector is under particular strain, recording approximately 7,095 weekly attacks per organisation.
The next most-targeted sectors are government, with 5,140 weekly attacks, and consumer goods and services, with 3,889 weekly attacks. These figures underline the broad spectrum of industries facing growing cyber risk in India.
Across all sectors, Indian organisations faced an average of 3,233 cyberattacks per week over the past six months, well above the global average of 2,002 attacks per organisation.
The sharp rise in cyberattacks targeting the education sector can be attributed to a combination of intersecting factors. The widespread adoption of hybrid learning models, along with the extensive use of personal or shared devices and highly connected campus networks, has significantly expanded the digital footprint, thereby increasing the potential attack surface.
Many institutions also face resource limitations, operating with outdated infrastructure, small IT teams, and restricted cybersecurity budgets, leaving them more vulnerable to threats. Additionally, the heavy reliance on internet-facing platforms for collaboration, research, and virtual classrooms introduces multiple points of entry for attackers.
Furthermore, the sector holds high-value assets, such as intellectual property, sensitive student data, and access to government-funded research, making it an appealing target for cybercriminals.
On the malware front, the report outlines several notable trends influencing the cyber threat landscape in India. Infostealers have seen a sharp 58 percent rise, becoming the primary tool for initial access by targeting credentials and sensitive information, particularly tokens and VPN details, within bring-your-own-device (BYOD) environments.
While the prevalence of botnets and banking malware has declined, infostealers have filled the gap, reflecting a shift in attacker strategies. Remote Access Trojans (RATs), including variants such as Remcos and AsyncRAT, continue to evade defences, often distributed through phishing campaigns. Meanwhile, botnets remain active, using compromised websites and edge devices to deliver malicious payloads and establish long-term persistence within networks.
Commenting on the findings, Sundar Balasubramanian, Managing Director for India and South Asia at Check Point, observed, “India’s education and research sector continues to be at the epicentre of cyber threats. Infostealers and RATs are exploiting vulnerabilities in hybrid learning models and connected ecosystems. To counter this, institutions need to adopt a prevention-first posture driven by cloud-native security, endpoint protection and actionable threat intelligence. Safeguarding intellectual capital and maintaining academic continuity requires resilience at the heart of every digital strategy.”