India’s evolving cyber threat landscape sees attackers prioritise persistence, silent monetisation, and targeted disruption over large-scale visibility
Pune, May 21st 2026: As cyberattacks continue to evolve in sophistication and intent, Seqrite, the enterprise security arm of Quick Heal Technologies Limited, a global provider of cybersecurity solutions, has identified a growing shift towards stealth-oriented monetisation tactics, particularly cryptojacking and low-volume, high-impact ransomware campaigns.
Unlike traditional ransomware attacks designed for immediate disruption and visibility, newer threat models are increasingly engineered for persistence, silent infiltration, and long-term monetisation. Attackers are now prioritising covert access to enterprise infrastructure, enabling them to exploit computing resources, exfiltrate sensitive data, or selectively deploy ransomware against high-value targets while remaining undetected for extended periods.
Insights from the India Cyber Threat Report 2026, developed by Seqrite Labs, indicate that cybercriminals are steadily moving towards attacks that maximise operational and financial impact without triggering immediate detection. The report recorded 265.52 million detections across more than 8 million endpoints, averaging 505 detections every minute, underscoring the scale and persistence of modern cyber threats.
One of the emerging concerns within this landscape is cryptojacking, where attackers secretly hijack enterprise systems to mine cryptocurrency using organisational computing power. These attacks often operate silently in the background, degrading system performance, increasing infrastructure costs, and creating hidden entry points for more severe compromises. Because cryptojacking prioritises persistence over disruption, organisations frequently remain unaware of infections for prolonged periods.
At the same time, ransomware operations are becoming more selective and intelligence-driven. Rather than pursuing mass-scale encryption campaigns, attackers are increasingly targeting critical systems, high-value data repositories, and operational choke points capable of causing disproportionate business disruption. These low-volume but high-impact attacks are often preceded by credential theft, lateral movement, and extensive reconnaissance, allowing threat actors to maximise leverage while minimising visibility.
The India Cyber Threat Report 2026 further highlights that Trojans and infectors together account for nearly 70 percent of all threats, reinforcing how attackers continue to rely on deceptive entry points such as phishing links, malicious downloads, compromised credentials, and user interactions to establish initial access. Once embedded within enterprise environments, these threats can remain dormant while enabling long-term exploitation.
The implications extend beyond operational disruption. Under the Digital Personal Data Protection (DPDP) Act, 2023, organisations are required to safeguard personal and sensitive data across their digital environments. Stealth-oriented attacks involving data exfiltration or prolonged unauthorised access can expose organisations to regulatory penalties, compliance violations, and reputational damage, particularly where breaches remain undetected for extended periods.
Addressing these threats requires organisations to move beyond perimeter-centric defenses toward continuous visibility and intelligence-led security operations. Continuous endpoint monitoring, behavioural analytics, anomaly detection, zero-trust architectures, and proactive threat hunting are becoming essential in identifying attacks that deliberately avoid traditional detection mechanisms.
In this context, solutions such as Seqrite XDR enable organisations to correlate suspicious activity across endpoints, networks, and cloud environments to detect stealth-oriented attack behaviour in real time. Seqrite Data Privacy further supports DPDP compliance through automated data discovery, classification, and governance, while Seqrite Digital Risk Protection Service helps enterprises monitor external threat exposure and identify compromise indicators before escalation occurs.
At the user and endpoint level, Quick Heal Total Security and Quick Heal AntiFraud.AI provide an additional layer of defense by blocking malicious payloads, identifying suspicious behavioural patterns, and preventing fraud-led compromise initiated through phishing or deceptive digital interactions.
The rise of cryptojacking and selective ransomware reflects a broader transformation in cybercrime economics. Attackers are no longer solely pursuing visibility or immediate disruption. Increasingly, the objective is silent monetisation, persistent access, and strategic exploitation of trust, infrastructure, and data.
As the threat landscape evolves, organisations that prioritise continuous cyber resilience, visibility, and adaptive defense strategies will be better positioned to mitigate the next generation of stealth-driven attacks.
About Quick Heal Technologies Limited
Quick Heal Technologies Ltd is a global cybersecurity solutions provider. Each Quick Heal product is designed to simplify IT security management across the length and depth of devices and on multiple platforms. They are customized to suit consumers, small businesses, government establishments, and corporate houses. Over a span of nearly 3 decades, the company’s R&D has focused on computer and network security solutions.
The current portfolio of cloud-based security and advanced machine learning-enabled solutions stops threats, attacks, and malicious traffic before it strikes. This considerably reduces the system resource usage. The security solutions are indigenously developed in India. Quick Heal Antivirus Solutions, Quick Heal Scan Engine, and the entire range of Quick Heal products are proprietary items of Quick Heal Technologies Ltd. Recently, unveiled Quick Heal pioneers India’s first fraud prevention solution, AntiFraud.AI, available for Android, iOS, and Windows.
For more information, please visit: www.quickheal.co.in
AntiFraud.AI – https://www.quickheal.co.in/quick-heal-antifraud/
About Seqrite
Seqrite is a leading enterprise cybersecurity solutions provider. With a focus on simplifying cybersecurity, Seqrite delivers comprehensive solutions and services through our patented, AI/ML-powered tech stack to protect businesses against the latest threats by securing devices, applications, networks, cloud, data, and identity. Seqrite is the Enterprise arm of the global cybersecurity brand, Quick Heal Technologies Limited, the only listed cybersecurity products and solutions company in India.
We are the first and only Indian company to have solidified India’s position on the global map by collaborating with the Govt. of the USA on its NIST NCCoE’s Data Classification project. We are differentiated by our easy-to-deploy, seamless-to-integrate comprehensive solutions providing the highest level of protection against emerging and sophisticated threats powered by state-of-the-art threat intelligence and playbooks backed by world-class service provided by best-in-class security experts at India’s largest malware analysis lab – Seqrite Labs. We are the only Indian full-stack company aligned with CSMA architecture recommendations, offering award-winning Endpoint Protection, Enterprise Mobile Device Management, Data Privacy, Zero Trust Network Access, and many more. Seqrite Data Privacy Management solution enables organizations to stay fully compliant with the DPDP Act and global regulations. We have recently launched Digital Risk Protection Services for external threat monitoring and Ransomware Recovery as a Service for rapid, guided restoration after ransomware attacks. Seqrite has also unveiled SIA, an LLM-powered security co-pilot built on GoDeep.AI to help enterprises navigate growing cyber complexity with intelligent, conversational analysis.
Today, 30,000+ enterprises in more than 70 countries trust Seqrite with their cybersecurity needs. For more information, please visit: https://www.seqrite.com/
