Cyber risks lurking beneath India's data centre ops build out
India is racing to become a global hub for artificial intelligence (AI) and cloud computing, offering tax breaks to attract billions in foreign investment. But cybersecurity experts warn the country is building this critical infrastructure faster than it can defend it, creating what they call “high-value honeypots” for state-backed hackers.
The government recently announced a 20-year tax exemption for large cloud providers setting up data centres in India, which was later extended to domestic players as well. The data centre market has already attracted over $61 billion in investment by 2025, and the new tax breaks are expected to pull in another $200 billion. Capacity is projected to grow 48% by 2029, according to Gartner.
But India’s cybersecurity policy dates to 2013, and experts say attackers are already exploiting the gap.
“In a hyper-growth market like India, where the government is essentially laying out the red carpet for data centres with the new tax incentives, attackers see a target-rich environment,” said Huzefa Motiwala, senior director, India and SAARC, for global cybersecurity giant Palo Alto Networks. “They are living inside misconfigured cloud setups and scanning for exposed data at a scale we’ve never seen before.”
Palo Alto’s research found that nearly 29% of cyber incidents it investigated globally now involve cloud systems. The company tracked one recent campaign where attackers scanned over 230 million unique targets looking for exposed data and login credentials.
The threat is not just from criminals. Multiple security firms say nation-state actors are increasingly targeting India's growing AI infrastructure.
“We expect critical infrastructure, including data centres, to face more frequent and severe attacks from nation-state actors,” said Apeksha Kaushik, principal analyst at research and advisory firm Gartner.
“These centres house vast troves of sensitive data and advanced AI models, making them strategic assets for espionage and disruption," she added.
Palo Alto Networks has observed Chinese-linked hacking groups actively targeting cloud credentials in the region. Kaspersky, another cybersecurity firm, blocked over 218,000 spyware attacks in India in the first half of 2025 alone.
The rapid expansion creates a dangerous mix of concentration and complexity, said Jaydeep Singh, general manager for India at Kaspersky. “The more organisations centralise operations and host critical workloads in cloud environments, the more concentrated and valuable that data becomes. Naturally, this increases the incentive for threat actors to target these environments,” he said.
The core problem, experts say, is speed. Companies are building AI systems and cloud infrastructure much faster than security teams can protect them.
“Our research shows that 99% of organisations are using AI-assisted coding to build these environments, but only 18% can actually fix the vulnerabilities at that same speed,” Motiwala said. “We are effectively building digital skyscrapers on top of quicksand foundations.”
Even when companies follow data storage rules by keeping information inside India, security gaps remain. The biggest risk comes from what experts call “shadow data”, copies of information that get created when teams test new AI systems or move data between different tools.
“Most breaches today are not about where data is stored, but about the shadow copies that get created when teams move fast,” said Anshu Sharma, chief executive of data security firm Skyflow. “You can keep data in India and still lose it through bad access controls or insecure AI pipelines.”
Palo Alto’s research shows that about 40% of cloud breaches stem from unmonitored systems like temporary development environments and forgotten data stores. In many cases, Motiwala said, “data is gone in under an hour.”
Defence and cyber security policy analyst Subimal Bhattacharjee said the mismatch between infrastructure growth and security policy is creating a serious risk. “India’s data centre boom is strategically important, but without treating these facilities as critical infrastructure with matching security standards, the country risks building impressive digital highways with inadequate guardrails,” he said.
The government recently announced a 20-year tax exemption for large cloud providers setting up data centres in India, which was later extended to domestic players as well. The data centre market has already attracted over $61 billion in investment by 2025, and the new tax breaks are expected to pull in another $200 billion. Capacity is projected to grow 48% by 2029, according to Gartner.
But India’s cybersecurity policy dates to 2013, and experts say attackers are already exploiting the gap.
“In a hyper-growth market like India, where the government is essentially laying out the red carpet for data centres with the new tax incentives, attackers see a target-rich environment,” said Huzefa Motiwala, senior director, India and SAARC, for global cybersecurity giant Palo Alto Networks. “They are living inside misconfigured cloud setups and scanning for exposed data at a scale we’ve never seen before.”
Palo Alto’s research found that nearly 29% of cyber incidents it investigated globally now involve cloud systems. The company tracked one recent campaign where attackers scanned over 230 million unique targets looking for exposed data and login credentials.
The threat is not just from criminals. Multiple security firms say nation-state actors are increasingly targeting India's growing AI infrastructure.
“We expect critical infrastructure, including data centres, to face more frequent and severe attacks from nation-state actors,” said Apeksha Kaushik, principal analyst at research and advisory firm Gartner.
“These centres house vast troves of sensitive data and advanced AI models, making them strategic assets for espionage and disruption," she added.
Palo Alto Networks has observed Chinese-linked hacking groups actively targeting cloud credentials in the region. Kaspersky, another cybersecurity firm, blocked over 218,000 spyware attacks in India in the first half of 2025 alone.
The rapid expansion creates a dangerous mix of concentration and complexity, said Jaydeep Singh, general manager for India at Kaspersky. “The more organisations centralise operations and host critical workloads in cloud environments, the more concentrated and valuable that data becomes. Naturally, this increases the incentive for threat actors to target these environments,” he said.
The core problem, experts say, is speed. Companies are building AI systems and cloud infrastructure much faster than security teams can protect them.
“Our research shows that 99% of organisations are using AI-assisted coding to build these environments, but only 18% can actually fix the vulnerabilities at that same speed,” Motiwala said. “We are effectively building digital skyscrapers on top of quicksand foundations.”
Even when companies follow data storage rules by keeping information inside India, security gaps remain. The biggest risk comes from what experts call “shadow data”, copies of information that get created when teams test new AI systems or move data between different tools.
“Most breaches today are not about where data is stored, but about the shadow copies that get created when teams move fast,” said Anshu Sharma, chief executive of data security firm Skyflow. “You can keep data in India and still lose it through bad access controls or insecure AI pipelines.”
Palo Alto’s research shows that about 40% of cloud breaches stem from unmonitored systems like temporary development environments and forgotten data stores. In many cases, Motiwala said, “data is gone in under an hour.”
Defence and cyber security policy analyst Subimal Bhattacharjee said the mismatch between infrastructure growth and security policy is creating a serious risk. “India’s data centre boom is strategically important, but without treating these facilities as critical infrastructure with matching security standards, the country risks building impressive digital highways with inadequate guardrails,” he said.
Next Story