India's Computer Emergency Response Team (CERT-In) reported a staggering 300 percent increase in cybersecurity incidents in the first quarter of 2026 compared to the same period last year. The surge is driven by a new generation of AI-powered attacks that are more sophisticated, targeted, and difficult to detect than anything seen before.
The New Threat Landscape
AI-generated phishing emails, indistinguishable from legitimate corporate communications, account for the largest share of incidents. Attackers use large language models to craft personalized messages that bypass traditional email filters and social engineering defenses.
Deepfake fraud has emerged as particularly damaging. In several high-profile cases, attackers used AI-generated video calls impersonating company executives to authorize fraudulent wire transfers totaling over ₹500 crore. Financial services firms have been the primary targets.
Ransomware Evolution
- Average ransom demand: ₹12 crore (up from ₹3.5 crore in 2024)
- Healthcare sector targeted in 35% of ransomware attacks
- Government agencies accounted for 22% of incidents
- Mean recovery time: 23 days (up from 16 days)
"We are in an arms race where attackers are leveraging the same AI tools that defenders use, but with fewer constraints. Organizations must assume they will be breached and invest in detection and response, not just prevention," said Lt. Gen. (Retd.) Rajesh Pant, former National Cyber Security Coordinator.
The government has announced a ₹5,000 crore cybersecurity modernization program and is establishing a National Cyber Security Operations Centre to coordinate responses to major incidents.
