Following the recent terror attack in Pahalgam on April 22, 2025, Indian websites have experienced a massive surge in cyberattacks, with approximately 1.5 million attempts originating from hacker groups aligned with Pakistan. Maharashtra Cyber officials reported that while the sheer volume of attacks was substantial, only about 150 of them were successful. These attacks persist even after India and Pakistan reached an understanding to cease military hostilities, with sources tracing the origin of these cyber offensives not only to Pakistan but also to Bangladesh, Indonesia, Morocco, and the Middle East.
Scope and Methods of the Cyberattacks
The identified hacking groups employed various methods, including malware campaigns, Distributed Denial-of-Service (DDoS) attacks, and GPS spoofing. Website defacement has also been a common tactic. Maharashtra Cyber has identified seven Advanced Persistent Threat (APT) groups responsible for launching these cyberattacks: APT 36 (Pakistan-based), Pakistan Cyber Force, Team Insane PK, Mysterious Bangladesh, Indo Hacks Sec, Cyber Group HOAX 1337, and National Cyber Crew (Pakistan-allied).
Targets and Claims
The attackers have targeted critical infrastructure websites across India. Among the successful attacks, the Kulgaon Badlapur Municipal Council website was defaced. There were also false claims of data theft from Chhatrapati Shivaji Maharaj International Airport (CSMIA) and telecom companies, with some data allegedly appearing on the darknet. The website of the Defence Nursing College in Jalandhar was also defaced. Some groups falsely claimed to have hacked India's banking system and caused power outages. Maharashtra Cyber has debunked claims of hackers stealing data from CSMIA in Mumbai, hacking aviation and municipal systems, and targeting the Election Commission website.
Debunking Misinformation
Indian authorities have actively countered misinformation campaigns associated with these cyberattacks. Maharashtra Cyber identified and removed over 5,000 instances of misinformation and fake news related to India-Pakistan military conflicts circulating on social media. This included debunking claims of cyberattacks on India's power grid, statewide blackouts, satellite jamming, disruption of the Northern Command, and attacks on BrahMos missile storage facilities. A detailed analysis by security firm CloudSEK reveals that many claims by Pakistan-linked hackers are exaggerated or entirely fabricated.
Government and Industry Response
The Indian government has implemented comprehensive technical and legal measures to counter cyberattacks. Cybersecurity has become a key front in the ongoing tensions, with constant monitoring and countermeasures deployed across multiple levels of government and infrastructure. Since the Pahalgam attack, India has been repelling 30-40 major cyberattacks every day. The government held a meeting with technology and communication stakeholders to address potential cyber threats and push for stronger security at critical data centers. The Department of Telecommunications has been tightening national firewall protocols for incoming data traffic.
Cybersecurity Initiatives and Policies
India has established a complex institutional framework for cybersecurity, with several ministries, departments, and agencies performing key functions. Key initiatives include:
Ongoing Threat Landscape
Despite the defensive measures, India remains on high alert. Experts predict that cyberattacks will intensify, with Pakistan-backed cyber campaigns targeting Indian defense and critical infrastructure. The conflict has moved online, becoming a digital battlefield. As geopolitical tensions rise, India is on the brink of an evolving cyberwar with Pakistan. Recent attacks, including the breach of Pakistan's Habib Bank by the Indian Cyber Force and retaliatory phishing campaigns by Pakistan-linked APT36, signal a new threat to India's critical digital infrastructure.