Shorter, faster cyberattacks: India blocked 9 billion attempts in 2025 as AI-assisted hacking grows

Cyberattacks targeting Indian websites, apps and digital platforms are becoming quicker and more focused, with security systems blocking more than 9 billion malicious requests in 2025, according to a new analysis by cybersecurity firm Indusface. The State of Application Security 2026 Report mentions that the attack attempts rose 27 percent compared with the previous year, highlighting how cyber threats are evolving as businesses move more services online.

Researchers say attackers are increasingly shifting away from prolonged cyber campaigns. Instead, they are launching short bursts of highly targeted attacks designed to exploit vulnerabilities in online systems before organisations can react.

Attacks now lasting just a few minutes

One of the most noticeable changes observed during the year is the short duration of many attacks.

Security analysts found that several incidents now last only two to three minutes, but involve traffic from hundreds of thousands of internet addresses at the same time. These rapid bursts are often aimed at specific digital functions such as user authentication systems, financial transactions, or access to sensitive data.

Such attacks can be difficult to detect quickly because they appear suddenly, generate large volumes of traffic, and then disappear within minutes.

Automation and AI changing cybercrime
The report suggests that attackers are increasingly using automated tools and artificial intelligence-assisted techniques to identify vulnerabilities in digital systems.

Automation allows attackers to scan applications faster and test multiple entry points simultaneously. With these tools, cybercriminals can quickly locate weaknesses in software or online infrastructure and attempt to exploit them before security teams intervene.

According to security experts, this shift means cyberattacks can be coordinated at a much larger scale, even when they occur within a very short timeframe.

APIs becoming a major target
Another major trend highlighted in the report is the growing focus on application programming interfaces (APIs).

APIs act as digital connectors between mobile apps, websites and backend systems. As businesses expand online services, APIs now play a central role in enabling payments, customer logins and data sharing across platforms.

However, their increasing use has also made them an attractive target for attackers.

Security monitoring during 2025 found that API-related vulnerabilities were exploited more frequently, and APIs experienced significantly higher levels of distributed denial-of-service (DDoS) attacks compared with traditional web interfaces.

Smaller businesses facing greater risks
The analysis also indicates that small and mid-sized companies are particularly exposed to these threats.

Many organisations are rapidly developing digital platforms to support online services, but security monitoring systems do not always keep pace with that growth. As a result, smaller firms often face higher attack volumes on their API infrastructure compared with their standard websites.

Cybersecurity analysts say this gap makes them more vulnerable to automated scanning tools used by attackers.

Financial services among the most targeted sectors
Certain industries saw particularly intense levels of attack activity during the year.

The banking and financial services sector recorded billions of attack attempts, with both vulnerability-based attacks and DDoS incidents rising sharply. These platforms handle large volumes of financial transactions and user data, making them attractive targets for cybercriminals.

The report also noted increasing attack activity targeting insurance and manufacturing platforms, where hackers may be attempting to access proprietary information or disrupt operations.

Researchers observed that spikes in cyber activity sometimes coincided with periods of geopolitical tension, suggesting that global events can influence the timing and scale of certain cyber campaigns.

Attackers targeting critical digital workflows
Ashish Tandon, founder and CEO of Indusface, said, "Historically, many attacks were scattershot, with probes across multiple vectors to find any weak link. In 2025, we observed attackers becoming far more deliberate, focusing on the workflows that move money, authenticate users, and access data. With attacks completing in minutes, organizations need AI-powered, continuously tuned protection, including rapid exploit blocking and end-to-end API coverage."

Cybersecurity becoming a core business priority
Security experts say these trends are forcing companies to rethink how they protect digital infrastructure.

Traditional approaches that rely heavily on manual monitoring may struggle to respond when attacks are automated and completed within seconds. Instead, organisations are increasingly adopting continuous monitoring systems and automated security responses to detect threats in real time.

As companies expand mobile services, cloud platforms and connected applications, protecting digital systems is becoming an essential part of business operations.

Industry observers say the growing use of automation and artificial intelligence in cybercrime means organisations must evolve their security strategies just as quickly. With APIs forming the backbone of modern digital services, safeguarding them is now critical not only for protecting data but also for ensuring uninterrupted online operations and maintaining customer trust.