India Sees 500% Increase in Cybercrime Cases from 2021 to 2024 | #cybercrime | #infosec

MediaNama’s Take

The government continues to respond to India’s cybercrime surge by launching platforms, blocking SIMs, and publishing big numbers. But the 500% rise in reported cases between 2021 and 2024 shows that implementation and not infrastructure is the real problem. Creating portals like Samanvaya and Sahyog, or storing more takedown data, means little when police still delay FIRs, and funds for cybercrime remain unutilised.

Despite over 22 lakh cases in 2024 alone, there is no comprehensive cybercrime law or nationwide investigative protocol. The IT Act, 2000 wasn’t built for deepfakes, AI scams, or Child Sexual Abuse Material (CSAM) detection. Meanwhile, the government keeps reiterating that policing is a state subject, effectively absolving itself of accountability while cybercrime scales nationally and globally.

More data and coordination won’t help if frontline officers lack digital literacy, state labs remain understaffed, and victims lose money faster than platforms can freeze it. India doesn’t just need new tools, it needs trained people, binding legal frameworks, and measurable performance targets.

Cybercrimes have one of the lowest conviction rates in India. A focus on cybercrime should not just be on investigation and convictions, but also on mitigation and prevention. Until enforcement becomes systemic, and not just statistical, cybercriminals will continue to outpace the response, no matter how many dashboards the government builds.

What’s the news?

A written reply by the Ministry of Home Affairs (MHA) in the Rajya Sabha on July 30, 2025, has revealed that 6,593,682 incidents were reported to the National Cybercrime Reporting Portal (NCRP) from 2021 to the end of June 2025.

The reply was in response to an unstarred question by Jose K. Mani, a Member of Parliament (MP) of the Kerala Congress (M) party. 

What was the question?

1. whether Government is cognizant of the 900% jump in cyber frauds in the last four years (2021-25), according to the data compiled by the National Cyber Reporting Platform (NCRP);
2. If so, the details of reported cybercrimes during 2021-25, year-wise and State-wise/UT-wise; and
3. The steps taken by Government to address rising cyber fraud incidents?

The MHA’s Reply 

The Minister of State in the MHA, Bandi Sanjay Kumar, pointed out that police and public order are state subjects, and that states and Union Territories (UTs) are primarily responsible “for the prevention, detection, investigation and prosecution of crimes, including cybercrime, through their Law Enforcement Agencies (LEAs).”

The answer also acknowledged the setting up of the Indian Cyber Crime Coordination Centre (I4C), under which the NCRP falls. Under the I4C, the Citizen Financial Cyber Fraud Reporting and Management System (CFCFRMS) was launched in 2021 and has saved Rs 5,489 crore from more than 17.882 lakh complaints. 

It also states that the central government has blocked more than 9.42 lakh SIM cards and 2,63,248 International Mobile Equipment Identities (IMEIs). The reply mentions several capacity-building and assistance programs it has set up, such as Thana Connect, State Connect, the National Cyber Forensic Laboratory, the ‘CyTrain’ portal for police officers, and the Samanvaya Portal. The Samanvaya Portal is a “Management Information System (MIS) platform, data repository, and a coordination platform for LEAs for cybercrime data sharing and analytics.”

The reply also mentions the Sahyog Portal, which expedites the process of sending takedown notices to intermediaries under Section 79 of the IT Act, 2000. 

What do the numbers say?

Data provided in Annexure I of the answer contains the total number of cases reported by state from 2021 to 2025 (up to June 30) to the ICRP. A look at the data shows a steep jump from over 4.5 lakh cases in 2021 to over 22.5 lakh cases in 2024. There has been an increase every year in the number of cases reported. If the rate of cases this year stays the same as the first half of the year, 2025 will see over 24 lakh cases of cybercrime.

Maharashtra saw the most cases reported in 2024, with 3.03 lakh cases. Uttar Pradesh followed with 3.01 lakh cases, and Karnataka had the third-most cases, with around 1.7 lakh. Other states that reported more than 1 lakh cases in 2024 are Gujarat, Delhi, West Bengal, Telangana, Tamil Nadu, Rajasthan, and Haryana. 

Advertisements

Maharashtra stands as the financial capital of the country and Uttar Pradesh is the most populous state in the country, perhaps accounting for the high number of cases in these states. 

The state and Union Territory (UT) data also shows that cybercrime cases have increased year-on-year from 2021–2024 in every state except Lakshadweep. This could indicate that even at the state level, police departments have not yet been able to mitigate or prevent cybercrime effectively. It could also mean that more people are reporting such cases. 

How is India tackling Cybercrime?

Despite multiple central initiatives, India’s response to cybercrime remains fragmented and under-resourced. According to the Comptroller and Auditor General’s Report No. 2 of 2023, states delayed action plans under the Police Modernisation Scheme and underutilised funds earmarked for upgrading cyber forensic labs and digital investigation tools. The report highlights that 17–51% of released funds remained unspent across years, stalling crucial upgrades in investigative capacity.

In its Financial Stability Report from December 2024, the Reserve Bank of India flagged deepfakes and AI-driven phishing as major risks to the financial ecosystem. It noted that attackers were using generative AI to impersonate regulatory authorities, which could lead to systemic financial instability if unaddressed.

In 2023, Kaspersky reported over 235,000 ransomware attacks on Indian businesses, with sectors like healthcare, utilities, and telecom heavily affected. Simultaneously, Group-IB’s High-Tech Crime Trends Report 2025 highlighted that Asia-Pacific countries, including India, have become top targets for Ransomware-as-a-Service groups, pointing to a growing market for initial access sales and extortion operations.

Meanwhile, National Crime Records Bureau’s (NCRB) 2022 report, the latest one released, showed a 32% increase in cybercrimes against children, underscoring law enforcement’s struggles with online exploitation and Child Sexual Abuse Material (CSAM).

Collectively, these findings expose systemic weaknesses: poor fund utilisation, skill shortages, and regulatory lag. India’s current cybercrime infrastructure, while growing, remains reactive and ill-equipped to prevent the next wave of digitally sophisticated attacks.

Also Read