From Operation Sindoor to deepfake frauds, recent attacks reveal how cyber conflict has become inseparable from national security
When India launched Operation Sindoor in May 2025 in response to the Pahalgam terror attack, the visible theatre of conflict played out on television screens. What remained largely unseen was a parallel assault in cyberspace. During the operation, nearly 200,000 simultaneous cyberattacks targeted India’s power grid, the President’s website went offline for 19 hours, and BSNL systems experienced prolonged disruption.
These were not opportunistic attacks. According to industry observations, seven Advanced Persistent Threat (APT) groups orchestrated nearly 1.5 million attacks over three days, deploying DDoS barrages, malware aimed at SCADA systems, and phishing campaigns disguised as official government communications. While India’s cyber defences blocked the vast majority of attempts, even a 0.01% success rate translated into 150 successful breaches.
“Cyber warfare is no longer a parallel threat—it is now deeply embedded in every modern conflict, and India’s critical infrastructure is firmly in the crosshairs,” said Govind Rammurthy, CEO & Managing Director, eScan.
The exposure of India’s critical infrastructure is not new. AIIMS Delhi suffered multiple cyber incidents between 2022 and 2023, while the SPARSH portal breach in early 2024 exposed sensitive defence personnel data due to a basic cloud misconfiguration. These incidents underline a recurring reality: sophisticated nation-state attacks and simple security oversights can be equally damaging.
Artificial intelligence has further tilted the balance. AI-powered tools now allow attackers to scan systems, identify vulnerabilities, and launch exploits at machine speed. Deepfakes have emerged as a potent weapon—convincing forged videos of senior Indian leaders circulated widely in 2025, while a Pune-based professional reportedly lost ₹43 lakh to a highly realistic impersonation scam.
Supply chains have become another weak link. The 2025 Marks & Spencer breach demonstrated how a single compromised vendor relationship can cascade into massive losses. For India’s IT services hubs, any breach in one organization can have global consequences.
As enterprises embrace cloud and AI at scale, risks multiply. A growing share of Indian breaches now involve public cloud environments, with detection and containment often taking months. Security leaders increasingly agree that success in 2026 will depend on assuming breach, prioritising rapid detection, and combining human expertise with AI-augmented defence.
The message is clear: cyber threats will not de-escalate. They will compound—targeting hospitals, power networks, and the digital systems that keep the nation running.