A dramatic rise in spyware incidents is exposing Indian enterprises to increasing cybersecurity risks, according to threat data released by global digital security firm Kaspersky.
In 2025, Kaspersky’s business security solutions detected 369,445 spyware attacks targeting organizations in India — a 72% increase from the 214,407 detections seen in 2024. This sharp escalation underscores the growing prominence of spyware as a critical threat vector for corporate networks.
Spyware is a category of malicious software that is covertly installed on systems to harvest data without the user’s knowledge. Because it operates silently, spyware can compromise private information and intellectual property while degrading device and network performance, often going undetected until significant harm has occurred.
The surge in spyware activity comes amid India’s rapid digital expansion. By the end of 2025, the country’s internet subscriber base had crossed 100 crore connections, and Unified Payments Interface (UPI) platforms processed over 21 billion transactions worth ₹27 lakh crore in December alone. While this digital proliferation drives economic growth, it also expands the attack surface available to cyber adversaries.
Recognizing the growing threats to national digital infrastructure, the Union Budget for 2025–26 allocated ₹782 crore toward bolstering cybersecurity capabilities. At the same time, India’s Digital Personal Data Protection (DPDP) Act, 2023, and subsequent DPDP Rules, 2025, establish strict requirements around user consent, breach notification, encryption safeguards, and regular audits, particularly in the event of spyware compromise.
Despite these regulatory frameworks, implementation remains uneven. Kaspersky’s research indicates that more than 83% of Indian organizations have not yet initiated full DPDP compliance, leaving significant gaps that threat actors are well-positioned to exploit.
“Spyware is one of the most dangerous threats against Indian businesses today, precisely because it works in silence. By the time an organization realizes it has been compromised, sensitive data, strategic decisions, and corporate intelligence may already be in the hands of adversaries. India’s rapid digital expansion, its thriving IT and start-up ecosystem, and the accelerating digitization of critical sectors like BFSI, manufacturing, and government services make it a high-value target. A spyware incident is no longer just a security failure, it is a regulatory and reputational crisis that can have lasting consequences on business continuity and stakeholder trust. Organizations in India must move beyond reactive defences and adopt intelligence-led, AI-powered security solutions that can detect and disrupt threats before data is compromised,” said Jaydeep Singh, General Manager for India at Kaspersky.
Kaspersky’s analysis highlights spyware’s role in modern cyberespionage. Because spyware can remain undetected for extended periods, attackers can monitor system activity, intercept confidential communications, and build comprehensive intelligence profiles.
To mitigate the heightened risk, Kaspersky experts recommend several defensive measures for organizations:
- Ensure all software and firmware on corporate devices are updated regularly to close known security gaps.
- Avoid exposing remote desktop services (such as RDP) to public networks unless necessary, and always secure them with strong authentication.
- Deploy advanced security platforms — such as the latest Kaspersky Next solutions — to improve visibility across corporate infrastructure and rapidly detect, prioritise, and neutralize sophisticated threats and APT-like attacks.
- Leverage up-to-date threat intelligence to stay informed about current tactics, techniques, and procedures (TTPs) used by threat actors.
- Implement regular, isolated backups of critical data to ensure swift recovery in the event of compromise.
The findings underscore that spyware remains a stealthy but potent threat targeting Indian businesses, demanding stronger cybersecurity postures and proactive defence investments.
