• In a landmark initiative to strengthen cybersecurity resilience in the Banking, Financial Services, and Insurance (BFSI) sector, India launched the first Digital Threat Report 2024.

• It is a comprehensive analysis of current and emerging cyber threats and defence strategies.

• The report was prepared by the Ministry of Electronics and IT (MeitY), Indian Computer Emergency Response Team (CERT-In), Computer Security Incident Response Team in finance sector (CSIRT-Fin) and SISA, a global cybersecurity company.

Significance of the report

• The BFSI and digital payments industries lie at the heart of global digital transformation. Projected to generate $3.1 trillion by 2028 — accounting for 35 per cent of total banking revenue, this sector’s transition from cash to digital transactions introduces immense opportunities alongside heightened risks.

• As digital payments grow, they increasingly attract malicious actors who exploit system vulnerabilities, making this sector a prime focus for cyberattacks.

• The report provides a holistic analysis of the cybersecurity landscape shaping the BFSI sector. The collaborative nature of this initiative, bringing together frontline cybersecurity providers, national agencies, and financial sector incident response teams, underscores the urgency of a pro-active, intelligence-driven approach to mitigating digital risks.

• It provides a unique perspective on sector-wide security gaps while delivering a forward-looking analysis of anticipated cyber risks, equipping financial institutions with the insights needed to prepare for both todays and tomorrow’s cyber threats.

• The report integrates real-world cyber intelligence from SISA’s forensic investigations, CERT-In’s cybersecurity oversight, and CSIRT-Fin’s financial sector incident response expertise, offering a multi-dimensional perspective on emerging threats. 

Business Email Compromise and advanced phishing campaign

• Over the past year, cyberattacks have grown more sophisticated, driven by the intersection of new techniques and the persistence of proven methods.

• Social engineering, in particular, has surged to the forefront, with Business Email Compromise (BEC) and advanced phishing campaigns operating with alarming precision.

• Stolen credentials and information stealing malware remain among the most effective tactics for attackers to breach organisational networks. Malicious actors acquire credentials through phishing, information

stealing malware, or dark web purchases, targeting usernames, passwords, and session cookies that bypass multi-factor authentication (MFA). 

• These credentials grant access to critical systems like single sign-on platforms, virtual private networks (VPNs), email accounts, and software as a service (SaaS) applications.

• Meanwhile, supply chain breaches have escalated, exploiting the trust organisations place in third-party vendors and open-source repositories thereby introducing vulnerabilities at scale.

• Yet, the rising tide of cyber threats is not occurring in isolation. As digital ecosystems expand, so too does the recognition that compliance must evolve beyond rigid frameworks. 

• As the industry braces for what lies ahead, the future of cybersecurity is already being reshaped by artificial intelligence (AI). 

• The same technology that drives innovation is arming attackers with the tools to conduct highly personalised, evasive, and large-scale attacks. 

• In 2025 and beyond, AI-driven threats will challenge existing defence mechanisms, forcing organisations to rethink their approach to threat detection and response. 

Impact of AI on cyber threats

• AI’s ability to exploit identity vulnerabilities and bypass defenses using social engineering techniques signals a troubling evolution in cyber tactics. 

• Deepfake technology, for instance, is enabling large scale impersonation scams, including executive-level Business Email Compromise (BEC) attacks and misinformation campaigns. 

• Cyber attackers are increasingly turning to AI-powered tools to mine social media, scrape employee data, and craft highly personalised lures that bypass traditional security filters. 

• Pretexting, the art of creating false scenarios, plays a central role in these attacks, deceiving employees into transferring funds, sharing credentials, or altering account information under the guise of legitimate requests. 

• The growing accessibility of “deepfake as a service” platforms further amplify the effectiveness of these schemes, allowing adversaries to convincingly impersonate executives and bypass manual verification processes. 

• Phishing attacks have become increasingly sophisticated with attackers employing advanced social engineering tactics, often enhanced by AI, to create highly convincing phishing emails and messages that are difficult to distinguish from legitimate communications. 

• AI’s accessibility has democratised cyber attacks, enabling even smaller groups to launch impactful attacks.

• The use of AI-generated content to craft phishing lures that are free of grammatical errors and awkward phrasing, which traditionally served as warning signs of malicious intent.

• These AI-enhanced phishing attempts can mimic the tone, style, and branding of trusted entities with remarkable accuracy, making them more persuasive and harder to detect.

• Further, generative AI models can produce personalised content that exploits specific information about targets, increasing the likelihood of deceiving recipients into revealing sensitive information or clicking on malicious links.

• The advent of chatbot phishing scams represents a new frontier in phishing techniques. Attackers use AI-powered chatbots with natural language processing capabilities to engage potential victims in seemingly benign conversations, subtly extracting personal information or login credentials over time. This method leverages the interactive nature

of chatbots and can be particularly effective as users may be less guarded during real time exchanges.

• Attacks in 2025 will not only be more sophisticated but also exponentially more evasive and pervasive.

• Threat actors are set to harness AI to craft highly customised assaults, leaving minimal trace as they operate at an unprecedented scale-powered by the same revolutionary technologies transforming industries globally.

Manorama Yearbook app is now available on Google Play Store and iOS App Store