Ransomware continues to top the charts as the biggest threat to businesses, with attackers now leveraging AI to carry out low-effort, high-reward campaigns aimed at MSPs, manufacturers, and collaboration tools.
“India’s digital economy is expanding rapidly, but with that growth comes an expanded attack surface,” said Rajesh Chhabra, General Manager, India & South Asia at Acronis.
“AI is empowering cybercriminals to operate at scale and with higher precision. Enterprises must transition from reactive to behavior-based security models to protect their infrastructure and data.”
Acronis, a global authority in cybersecurity and data protection, has just published its Cyberthreats Report H1 2025. The findings paint a stark picture: India is now the most attacked country globally, with 12.4 % of monitored endpoints compromised—highlighting its vulnerability to AI-driven phishing, impersonation, and ransomware attacks.
The report, drawn from telemetry collected across over 1 million Windows endpoints worldwide, confirms that ransomware remains the foremost threat to mid-size and large enterprises. Cybercriminals are increasingly turning to AI to automate social engineering, business email compromise (BEC), and other advanced attacks—making them more convincing, scalable, and difficult to detect.
India’s designation as the world’s top malware target signals a critical shift in the threat landscape, especially as its digital infrastructure and industrial base expand under initiatives like “Make in India.”
Collaboration platforms—which have become deeply integrated into enterprise operations—are now major attack vectors. Phishing attacks via these tools have surged, and advanced email threats (such as payload-less and spoofed attacks) have also climbed from 9 % to 24.5 %.
Moreover, attackers are targeting MSPs and exploiting Remote Monitoring & Management (RMM) tools. TeamViewer, in particular, emerged as a frequent attack vector—with 4.56 % of Acronis’ global customers still operating unpatched versions.
Gerald Beuchelt, CISO at Acronis, warns, “Even the least sophisticated attackers today have access to advanced AI capabilities … a holistic cyber protection strategy that integrates detection, response, and recovery is essential.”
