National, August 20, 2025 – Acronis, a global leader in cybersecurity and data protection, today released the findings of the Acronis Cyberthreats Report H1 2025, detailing the most popular threat vectors, active threat groups, and targeted industries in the first half of 2025. Ransomware remains the major threat for large and medium-sized businesses, with new groups increasingly leveraging AI to automate their activities – phishing accounted for 25% of all attacks and 52% of attacks targeting MSPs, a 22% increase compared to H1 2024. India emerged as the most targeted country worldwide, with 12.4% of monitored endpoints affected — highlighting the nation’s growing vulnerability to sophisticated threats such as AI-powered phishing and impersonation attacks.
The biannual report covers the global threat landscape as encountered by the Acronis Threat Research Unit (TRU) and Acronis sensors on Windows endpoints from January through June 2025. Based on signals from over 1,000,000 unique endpoints distributed around the world, the report also incorporates statistics focused on threats targeting Windows operating systems, given their prevalence as compared to macOS and Linux.
“While the endgame for cybercriminals is still ransomware, how they get there is changing,” said Gerald Beuchelt, CISO at Acronis. “Even the least sophisticated attackers today have access to advanced AI capabilities, generating social engineering attacks and automating their activities with minimal effort. The result is that MSPs, manufacturers, ISPs, and others are constantly exposed to sophisticated attacks, including increasingly advanced deepfakes, and all it takes is one mistake to put the organizations’ entire future at risk. To survive in this threat landscape and avoid damaging ransomware payloads, a holistic cyber protection strategy that incorporates advanced detection, response and recovery capabilities is essential.”
Implications for Indian Industries
Collaboration applications, widely used across Indian enterprises, have become a growing attack vector. Phishing incidents on platforms such as Microsoft Teams and Slack surged from 9% to 30.5% in the first half of 2025. Meanwhile, advanced email threats — including payload-less and spoofed attacks — rose sharply from 9% to 24.5%, underscoring the urgent need for adaptive, AI-informed security systems.
“India’s digital economy is expanding rapidly, but with that growth comes an expanded attack surface. As threat actors evolve, Indian enterprises — especially in manufacturing and infrastructure — must implement AI-aware cybersecurity frameworks to stay ahead,” said Rajesh Chhabra, General Manager, India & South Asia at Acronis. “Given the sector’s strategic importance under the Make in India initiative, ransomware attacks targeting manufacturing pose a significant risk to the country’s economic growth and industrial resilience. These figures paint a sobering picture. AI is empowering cybercriminals to operate at scale and with higher precision. Enterprises must transition from reactive to behavior-based security models.”
