From Ceasefire to Cyber Fire: India’s Digital Defences Go Live

As India and Pakistan declared a military ceasefire on May 10, the battlefront shifted from borders to bytes. With ransomware attacks and digital disruptions on the rise, India’s cybersecurity agency CERT-In issued twin “high severity” advisories warning both big businesses and small enterprises of a wave of cyber threats targeting national infrastructure and economic assets.

War May Pause, But Cyber Threats Persist

Even as geopolitical tensions appeared to de-escalate with India and Pakistan stepping back from the brink of armed conflict, the Indian government has kept its digital guard up. On May 9 and 10, the Indian Computer Emergency Response Team (CERT-In) released two back-to-back cybersecurity advisories, each flagged as “high severity,” alerting stakeholders about an escalating pattern of cyberattacks.

According to these bulletins, cyber adversaries are exploiting the geopolitical uncertainty to launch coordinated attacks on critical infrastructure, financial systems, and small businesses alike. The warnings cited surging cases of:

• Ransomware attacks

• Denial-of-service (DoS) disruptions

• Website defacements

• Data leaks

• Malware infections

CERT-In reported that many of these incidents appear clustered and coordinated, likely designed to overwhelm defences and steal sensitive data or sabotage vital services during moments of national distraction.

CERT-In’s Defensive Blueprint: From Zero Trust to Offline Backups

For larger enterprises and institutions deemed “critical” to India’s functioning — such as banks, telecom firms, and power grids — CERT-In offered a comprehensive cybersecurity roadmap built around Zero Trust architecture. This strategy assumes no device or user is trustworthy by default, even if operating within the organization’s secure perimeter. The roadmap advises these organisations to:

• Patch known vulnerabilities and close unused ports

• Isolate legacy systems to prevent compromise

• Implement multi-factor authentication (MFA) for all users

• Encrypt sensitive and personal data

• Maintain offline backups and conduct regular restoration drills

• Vet third-party vendors for potential compromise or weak links

• Continuously monitor logs and networks for anomalies

The message was clear: prepare for persistent threats, not isolated incidents. Officials also stressed that critical sectors must stay alert beyond the military ceasefire, citing how cyberwarfare often escalates even during periods of conventional calm.

Safeguarding the Small: Special Advisory for MSMEs

Recognising the vulnerability of smaller firms with limited cyber capacity, CERT-In also tailored its May 9 advisory to Micro, Small, and Medium Enterprises (MSMEs)—which form the backbone of India’s economy.

While the threats remain similar, CERT-In encouraged MSMEs to adopt cost-effective, basic hygiene measures, such as:

• Enforcing strong password policies

• Applying all security updates and patches promptly

• Educating staff about phishing and social engineering

• Disabling macros in documents from unknown sources

• Backing up essential data offline, not just in the cloud

• Using antivirus software and email filtering tools

“Even simple steps like blocking suspicious email attachments and training employees to spot fake links can drastically reduce risk,” CERT-In noted in its guidance.

With MSMEs increasingly becoming soft targets for ransomware gangs, especially those who see an opportunity to exploit unprotected systems for ransom or sabotage, the advisory signals a critical pivot toward inclusivity in national cyber resilience.

India’s next war may not be fought with tanks or jets—but with malware, phishing kits, and digital payloads. And if the recent alerts are any indication, the government is determined to meet that challenge head-on, with Zero Trust, full awareness, and nationwide preparedness.

As one senior official put it:

“We’ve secured our skies and borders. Now, we must secure our bytes.”