The sectoral analysis showed sharp increases in cyber threats across several key industries
Indian businesses were subjected to a significant increase in cyber threats during the first half of 2025, with a new report revealing a dramatic escalation in attacks targeting Application Programming Interfaces (APIs). According to a study by cybersecurity firm Indusface, over 4.26 billion attacks were blocked across the country during the six-month period, representing a 15 per cent increase from the previous year.
The report found that API attacks are now the most vulnerable target for hackers, surging by a staggering 126 per cent year-on-year. Vulnerability exploits on these digital entry points increased 13 times, while DDoS incidents on API hosts saw a 388% spike. In total, more than 1.36 billion API attacks were recorded.
Sectors Hit Hardest
The sectoral analysis showed sharp increases in cyber threats across several key industries. The manufacturing sector reported a 311 per cent rise in attacks, with DDoS incidents up 427 per cent. Retail and e-commerce faced a 420 per surge in DDoS, while the insurance industry saw a 309 per cent rise in overall attacks, with vulnerability exploits increasing tenfold.
The report also noted a 14 per cent increase in attacks on the banking and financial services sector, with vulnerability exploitation up 46 per cent, and a 172 per cent spike in DDoS incidents during a specific geopolitical event. Small and mid-sized businesses were found to be disproportionately affected, facing significantly more attacks than larger enterprises.
Unpatched Vulnerabilities and Sophisticated Threats
The study highlights a troubling trend of unaddressed vulnerabilities within Indian businesses. Nearly 40 per cent of enterprises admitted they lack the resources to respond to continuous threats, and alarmingly, one-third of high-severity vulnerabilities remained unpatched for more than six months.
The report suggests that attackers are shifting from high-volume, disruptive attacks to “low-and-slow precision exploits,” often weaponising zero-day vulnerabilities within days of discovery. Attack traffic originated largely from India, followed by the United States, France, Singapore, and Germany, positioning India as both a top source and target of application-layer attacks globally.
Ashish Tandon, the founder and CEO of Indusface, commented that APIs have become one of the biggest risk surfaces due to the extensive third-party integrations and sensitive data flows they enable. The report underscores the growing pressure on companies to adopt faster vulnerability detection and real-time monitoring to keep up with the evolving threat landscape, with regulators such as SEBI and RBI intensifying their scrutiny.
