According to Threat Intelligence Report (for last six months) by Check Point Software Technologies Limited, there has been startling increase in cyberattacks on the Indian education sector, with 8,195 attacks per week, more than double the global average of 3,355. After the education sector, the other most attacked industries were healthcare with 7,982 weekly attacks per organisation, followed by government/military sector experiencing 4,590 attacks and the consulting sector facing 4,177 weekly attacks per organisation.

As per the report, the surge in attacks is largely attributed to the rapid shift to remote learning during COVID-19 and the continued digitisation of education. Educational institutions in India are collecting and storing vast amounts of sensitive student data, including personal, academic, and financial information, making them prime targets for cybercriminals. The increasing frequency and sophistication of cyberattacks, coupled with the widespread adoption of online learning platforms, have expanded the digital footprint of these institutions, making them more vulnerable to data breaches. Cybercriminals are exploiting weak cybersecurity defenses in schools and universities to steal personally identifiable information (PII), often sold on Dark Web.

Over the past six months, organisations in India have experienced an average of 3,244 cyberattacks per week, which is nearly double the global average of 1,657 attacks per organisation. This stark contrast underscores the heightened vulnerability of Indian organisations in the face of escalating cyber threats.

The report highlighted FakeUpdates, Qbot, and Formbook as the most prevalent malware in India, with 54 per cent of attacks delivered via email and 58 per cent of email-borne attacks using .exe files. Information disclosure vulnerabilities have also affected 70 per cent of Indian organisations, exposing critical data to threats. Moreover, the most common malware in India includes four botnets, one infostealer (Formbook), and one downloader (FakeUpdates).

Commenting on the report, Sundar Balasubramanian, managing director for India and SAARC, Check Point Software Technologies, said, “Cybercriminals are increasingly targeting critical sectors in India, particularly those handling vast amounts of PII, such as education, which often has wide attack surface. With the rise of generative artificial intelligence (GenAI), these threats are poised to become even more severe especially as social engineering and phishing attacks escalate. The surge in attacks underscores the urgent need for organisations to strengthen their cyber security frameworks. Proactive measures, including robust defenses and continuous monitoring, are essential to safeguard sensitive data and maintain operational integrity.”