India leads global malware attacks as AI fuels ransomware surge: Acronis

India has emerged as the most-targeted nation for malware attacks, topping global charts, with Artificial Intelligence (AI) fuelling a surge in ransomware, a new report by cybersecurity firm Acronis has said.

The biannual report covers the global threat landscape as encountered by the Acronis Threat Research Unit (TRU) and Acronis sensors on Windows endpoints from January through June 2025.

Based on signals from over one million unique endpoints distributed around the world, the report also incorporates statistics focused on threats targeting Windows operating systems, given their prevalence as compared to macOS and Linux.

India emerged as the most targeted country globally, with 12.4 per cent of monitored endpoints affected, highlighting the nation's growing vulnerability to sophisticated threats such as AI-powered phishing and impersonation attacks, according to Acronis.

"Ransomware remains the major threat for large and medium-sized businesses, with new groups increasingly leveraging AI to automate their activities. Phishing accounted for 25 per cent of all attacks and 52 per cent of attacks targeting MSPs, a 22 per cent increase compared to H1 2024," it said.

India's digital economy is expanding rapidly, but with that growth comes an expanded attack surface, Rajesh Chhabra, General Manager, India and South Asia, at Acronis, noted.

"As threat actors evolve, Indian enterprises, especially in manufacturing and infrastructure, must implement AI-aware cybersecurity frameworks to stay ahead," he said.

AI is empowering cybercriminals to operate at scale and with higher precision, Chhabra said, adding enterprises must transition from reactive to behaviour-based security models.

As per Acronis, collaboration applications, widely used across Indian enterprises, have become a growing attack vector.

Phishing incidents on platforms such as Microsoft Teams and Slack surged from nine per cent to 30.5 per cent in the first half of 2025.

Meanwhile, advanced email threats, including payload-less and spoofed attacks, rose sharply from nine per cent to 24.5 per cent, underlining the urgent need for adaptive, AI-informed security systems, the company said in a release.

Acronis has advocated a proactive, multi-layered defence strategy for enterprises.

This includes deployment of behaviour-based threat detection and solutions, regular audit and updation of third-party applications, particularly, implementation of comprehensive cloud and email security strategies, and ongoing employee education on social engineering and phishing techniques.