7 days ago
Espionage Emerges as Top Cyber Threat in 2025: Industry Leaders Weigh In
In 2025, government bodies accounted for 42% of all nation-state attack targets, up from 39% in 2023
Opinions expressed by Entrepreneur contributors are their own.
You're reading Entrepreneur India, an international franchise of Entrepreneur Media.
In an alarming trend, espionage has become the most dominant form of cyberattack globally in 2025, accounting for 86 per cent of all nation-state cyberattacks, according to Wipro's State of Cybersecurity Report 2025. This marks a steady rise from 82 per cent in 2023, signalling how cyber operations are becoming an increasingly strategic tool of statecraft.
The report highlights a disturbing shift in the global cyber threat landscape, with government entities being the most targeted, followed by the private sector and civil society. In 2025, government bodies accounted for 42 per cent of all nation-state attack targets, up from 39 per cent in 2023 and 30 per cent in 2021. The private sector also remained vulnerable, holding steady at 32 per cent of attacks since 2023. Civil society accounted for 18 per cent, and military institutions 8 per cent.
"This overwhelming focus on espionage shows that nation-state actors are playing the long game—embedding themselves within networks to quietly extract strategic information," said Rahil Patel, Chief Growth Officer at QNu Labs. "The future lies in prevention at the protocol level, not just monitoring at the perimeter. We need to move from resilience after breach to immunity before breach."
Also, China, Russia, Iran, and North Korea have emerged as the key aggressor states behind these sophisticated cyber intrusions.
India's growing exposure and preparedness gap
India remains a top target, with critical infrastructure such as finance, energy, healthcare, and government services repeatedly coming under attack. According to CERT-In, over 1.3 million cybersecurity incidents were reported in 2022 alone.
Srinivas Shekar, Founder and CEO of Pantherun Technologies, remarked, "Cyber operations have become integral to modern statecraft. In India, threat actors continue to exploit sectoral vulnerabilities. Strengthening our defences requires continuous monitoring, cross-sector collaboration, and skilled manpower."
However, Neehar Pathare, MD, CEO and CIO at 63SATS Cybertech, believes that India's fragmented cyber defence framework is not keeping pace with the rising threat.
"There are critical gaps—fragmented frameworks, inconsistent incident reporting, and a lack of unified cyber response," said Pathare. "A centralised Threat Intelligence and Monitoring Response Centre integrating CERT-In, sectoral CSIRTs, and corporate SOCs is vital."
Budget and investment challenges
Despite the rising stakes, India's cybersecurity budget remains relatively modest. Shekar said that in 2023, the government allocated INR 515 crore (USD 62 million) under the Ministry of Electronics and IT. In contrast, the U.S. Cyber Command's budget request stood at USD 3.3 billion for FY2024.
He estimated that a robust, integrated national cyber defence system, encompassing infrastructure, personnel training, and threat detection, would require an initial investment of INR 2,000 to INR 5,000 crore. This figure does not include ongoing costs for upskilling and operational support.
Tony Buffomante, SVP & Global Head – Cybersecurity & Risk Services, Wipro, echoed the same: "Cybersecurity budgets are struggling to keep pace with growing threat sophistication. AI helps strengthen defences while optimising costs. CISOs must focus on risk-adjusted returns on investment."
Towards quantum-safe and collaborative defence
With attacks becoming stealthier and longer-term, there is a growing push for next-generation defences. Quantum-safe security solutions are gaining traction, as traditional encryption methods may not survive future quantum computing capabilities.
"There's an over-reliance on legacy encryption. We need a national migration path to quantum-resilient encryption—complemented by policy mandates and sector-specific blueprints," said Patel.
He added, "This is not just a technical upgrade, it is a strategic imperative for digital sovereignty. Startups, research labs, and government bodies must collaborate, not work in silos."
Public-private partnerships also need to evolve. Rather than acting as vendors, tech firms and government bodies must co-develop secure systems and protocols.
Protecting democracy in the digital age
The growing targeting of civil society (18 per cent) and military institutions (8 per cent) is not only a security concern, it is a threat to democratic stability.
"Securing democracy in the digital age means investing in infrastructure that cannot be undermined by time or tech advances," said Patel. "The quantum threat is borderless; so too must be our response."
