KOCHI: Amid Indo-Pak standoff, a report from a leading cyber-security threat intelligence platform stated that more than 500 Indian government and private entities were targeted by pro-Pakistani and Bangladeshi hacktivist groups, following the Pahalgam terror attack.
As per the report by Falcon Feeds.io, a cumulative total of more than 200 cyber attacks were identified and analysed during the period between April 22 and May 8, 2025, of which over 55 per cent were Distributed Denial of Service (DDoS) attacks, a malicious attempt to overwhelm and disrupt the normal traffic of targeted servers. In addition to DDoS attacks, the hacktivist groups also carried out website defacements, data breaches, and leaks.
“Every geopolitical conflict today has a cyber dimension, because cyber warfare is a modern strategy of war. Here too, pro-Pakistani and Bangladeshi hacktivists launched offensives, but none were successful,” said a cybersecurity analyst, speaking on condition of anonymity.
Even as we speak, India’s Income Tax portal experienced a brief slowdown due to an ongoing cyberattack. But, because of robust infrastructure and real-time monitoring, we neutralised the threat swiftly,” he said.
“In the aftermath of the Pahalgam terror attack, the pro-Pakistani and Bangladeshi hacktivist groups did not limit their cyber attacks to high-profile targets. Even smaller websites, including those of educational institutions and hospitals, were hit. “While cyberattacks and counterattacks are routine, targeting schools, hospitals, and private entities are considered to be a heinous activity by Indian authorities,” the analyst added.
Responding to the particular cyber attacks, cyber security expert Nandakishore Harikumar, whose threat intelligence team tracked around 200 hacktivist groups during the Israel-Hamas conflict, said, “ Most attacks during this period were mid-scale, with airports becoming the main targets. Despite some temporary slowdowns, none of the attacks succeeded. The impact of these attacks was minimal simply as the infrastructure of our websites were prepared.” He also emphasised that unlike in other global cyber conflicts, Russian-linked actors were notably absent in these attacks.
“Nearly 96 per cent of these cyber attack coordination happened via Telegram. Hacktivist groups often hire DDoS services through Telegram, because setting up and maintaining cloud infrastructure for such attacks requires significant resources,” said Nandakishore. “We’ve been monitoring around 500–600 of these groups in recent years,” he said.
While the current impact is limited, Nandakishore warned of future risks. “Right now, these groups haven’t been able to penetrate critical infrastructure. But if they do, the consequences could be severe. It could disrupt supply chains and severely damage our cyber systems. Digital security must be treated with the same seriousness as physical security,” he said.
