u/Fun-Calligrapher-957

India cyber threat advisory - the main things that stood out

I went through a cyber threat advisory focused on India, and the big takeaway is pretty simple: the threat picture has stayed very high after Operation Sindoor, and it is not just one kind of attacker anymore. The report points to active activity from Pakistani, Chinese, North Korean, and Iranian groups, with a lot of attention on government systems, defence, telecom, BFSI, healthcare, and OT/ICS environments.

What stood out most was how fast things can move once access is gained. In some cases, attackers are getting from initial access to deeper network compromise in less than a day. The report also highlights things like phishing, credential theft, DDoS, GPS spoofing, and data manipulation, especially in industrial and critical infrastructure environments.

The practical advice is fairly direct: tighten MFA, segment IT and OT properly, patch internet-facing systems first, keep an eye on remote access, and make sure there is a real OT incident response chain in place. It also stresses that a lot of Indian organisations still do not have proper OT visibility, which seems to be one of the biggest gaps. I'll share the report link in the comments for anyone who wants to dig deeper.

u/Fun-Calligrapher-957 — 3 days ago