The National Cyber Emergency Response Team has issued a high-priority advisory, warning of increased cyber threats amid rising geopolitical tensions in the region.
In its alert, NCERT cautioned that the current instability could be exploited by state-backed actors, hacktivist groups, and cybercriminal networks. It warned of potential data breaches targeting military and government systems, ransomware attacks on banking infrastructure, and psychological operations using deepfakes and fabricated narratives to create panic and disrupt public order.
Critical sectors identified as high risk include defense, financial institutions, government ministries, media organizations, and essential services such as energy, transport, water, and telecommunications.
Potential impact
According to the advisory, successful attacks could lead to account takeovers of official portals and media platforms, supply chain compromises through third-party vendors, and disruptions to critical infrastructure systems. The general public may also face phishing, malware, and identity theft attempts.
Identified threat vectors
NCERT highlighted several attack methods currently being observed or anticipated:
- Distributed Denial-of-Service attacks targeting government websites and emergency services
- Deepfake campaigns impersonating senior officials
- Spear-phishing attempts directed at military and government personnel
- Malicious mobile applications containing spyware
- Credential stuffing attacks exploit weak or reused passwords
- Coordinated disinformation campaigns through fake social media accounts
Threat actors
The advisory identifies three main categories of actors: ideologically driven hacktivist groups, sophisticated state-sponsored Advanced Persistent Threat actors, and financially motivated cybercriminal organizations.
Recommended measures
NCERT has urged organizations to immediately strengthen their cybersecurity posture by:
- Deploying endpoint protection and mobile threat defense tools
- Enforcing multi-factor authentication and phasing out SMS-based verification
- Promptly patching VPNs, firewalls, and operating systems
- Using encrypted channels for sensitive communication
- Monitoring system logs for suspicious foreign access attempts
- Maintaining regular offline and air-gapped data backups
Organizations have also been advised to conduct cybersecurity drills, audit supply chain vendors, adopt Zero Trust Architecture principles, restrict foreign IP access to sensitive systems, and enhance encryption standards.
The advisory stresses that proactive threat hunting, urgent security audits, and strict cyber hygiene at both institutional and individual levels are essential to counter evolving threats linked to the current geopolitical environment.
