Monday, July 13, 2026
41.7 C
New Delhi

Six of seven cyber threats flagged last year now operational: BFSI report

Six of seven cyber threats flagged last year now operational: BFSI report

.

NEW DELHI: Six of the seven emerging cyber threats predicted for banks and financial institutions barely a year ago have already reached full-scale realisation, with artificial intelligence, stolen identities and manipulated payment workflows enabling attacks that increasingly resemble legitimate activity, India’s second Digital Threat Report for the BFSI sector has warned.The Digital Threat Report 2025-26, released by electronics and IT secretary S Krishnan, says the traditional progression of a cyber threat — from research and experimentation to large-scale exploitation — is breaking down. Threats are now being operationalised in months or even weeks, allowing attackers to innovate, scale and monetise faster than many financial institutions can respond.The report, prepared jointly by CERT-In, CSIRT-Fin and cybersecurity firm SISA, says social engineering, credential theft, supply-chain compromise and cloud exploitation, which were considered emerging or episodic risks in the previous edition, are now established attack methods. Only quantum risk among the seven predictions has not reached full-scale realisation, though “harvest now, decrypt later” strategies are already active.Its central concern is that the most damaging cyberattacks may no longer look like breaches. They can surface as authenticated user sessions, approved payments, routine account activity, compromised vendor actions or apparently normal business workflows, remaining indistinguishable from genuine transactions until the damage has occurred. The report groups the evolving risks into three broad clusters — AI and human deception, software and systems, and infrastructure and economy.Under AI and human deception, it flags industrial-scale deepfakes, synthetic identities, AI-generated phishing, business email compromise, credential theft and session hijacking. It says attackers are no longer crafting scams manually but generating, testing and deploying them at machine speed, weakening identity checks that depend on what a person sees or hears.The report also identifies “AI asymmetry” as a defining risk, warning that capabilities such as vulnerability discovery, exploit generation and attack orchestration, which earlier required specialist teams and weeks of work, are increasingly available to comparatively low-resource actors. At the same time, AI models used for credit, fraud detection, KYC and onboarding are themselves becoming attack surfaces through prompt injection, model probing and adversarial manipulation.“Cybersecurity is one of the most important concerns that we have to address if we have to preserve all the benefits that we have derived from digitisation,” Krishnan said. He said attacks could affect individuals through cybercrime, cripple organisations through ransomware and, at their highest level, create national-scale disruption.“We have to treat cybersecurity as an enterprise-wide systemic risk against which institutions need to constantly guard,” he said, adding that digital governance, including AI governance, must give primacy to cybersecurity and operational resilience. Krishnan also stressed the need to build domestic technological capacity, strengthen identity and account access systems, and use AI more effectively to enable defenders to act faster.On software and systems, the report warns of supply-chain compromise, poisoned software dependencies, cloud misconfigurations, insecure development pipelines and the manipulation of payment and API business logic. It says attacks can exploit OTP race conditions, parallel transaction triggering, object-level authorisation failures and exception pathways without using malware or breaching a network perimeter.The third cluster covers systemic risks to financial infrastructure, including ransomware, crypto-enabled monetisation, firmware and IoT compromise, and long-term threats to encrypted data from quantum computing.A major finding is what the report calls the “compliance-security translation gap”. Institutions may pass periodic assessments while remaining exposed because controls drift from their original intent, cover only part of the actual attack surface or fail to keep pace with cloud, AI, container and machine-identity risks.To explain how breaches escalate, the report introduces a four-layer “Anatomy of Cyber Failure” framework covering design, enforcement, signal and response gaps. It identifies four recurring failure chains — trusted entry breaches, privilege escalation, logic abuse and invisible attacks operating beyond an institution’s telemetry.The report lays out an 18-month roadmap. During the first six months, institutions should deploy phishing-resistant authentication for high-risk accounts, identify service and machine identities, test payment workflows against adversarial manipulation, strengthen secrets and encryption-key management, and automate incident containment.Over six to 12 months, they should introduce continuous session assurance, behavioural transaction monitoring, cloud identity controls, runtime software validation and quarterly post-audit attack simulations. The final phase calls for passwordless privileged access, controls over AI-model and training-data supply chains, stronger oversight of vendors’ vendors, runtime integrity attestation and post-quantum cryptography migration planning.The report’s message is that financial institutions must move from periodically proving that security controls exist to continuously proving that they work under real attack conditions. Go to Source

Hot this week

Poland’s 300-year-old ‘Vampire Cemetery’ mystery: The strange reason 100 people were buried with sickles, locks and unusual rituals

For years, a quiet burial ground in northern Poland has been offering an unusual glimpse into the anxieties of people who lived centuries ago. Read More

Suryakumar Yadav’s T20I Return Conditions Set After India’s Back To Back Defeats

Show Quick Read Key points generated by AI, verified by newsroom BCCI eyes Suryakumar recall following India’s recent T20I defeats. Suryakumar replaced by Shreyas; new leadership failed expectations. Read More

What Is Prashant Kishor’s Net Worth? Rs 7.36 Crore In FDs, Rs 22.19 Crore Assets, France Degree

Show Quick Read Key points generated by AI, verified by newsroom Prashant Kishor declared substantial assets for Bihar bypoll nomination. Assets include significant fixed deposits and outstanding liabilities. Read More

UK bans Iran Revolutionary Guards, blames IRGC-backed group for attacks on Jews

UK bans IRGC and proxy Iranian organisation ove attacks on Jewish community The UK has listed Iran’s Islamic Revolutionary Guard Corps as a terrorist organisation, in a major escalation of diplomatic tensions with Tehran, as i Read More

Topics

Poland’s 300-year-old ‘Vampire Cemetery’ mystery: The strange reason 100 people were buried with sickles, locks and unusual rituals

For years, a quiet burial ground in northern Poland has been offering an unusual glimpse into the anxieties of people who lived centuries ago. Read More

Suryakumar Yadav’s T20I Return Conditions Set After India’s Back To Back Defeats

Show Quick Read Key points generated by AI, verified by newsroom BCCI eyes Suryakumar recall following India’s recent T20I defeats. Suryakumar replaced by Shreyas; new leadership failed expectations. Read More

What Is Prashant Kishor’s Net Worth? Rs 7.36 Crore In FDs, Rs 22.19 Crore Assets, France Degree

Show Quick Read Key points generated by AI, verified by newsroom Prashant Kishor declared substantial assets for Bihar bypoll nomination. Assets include significant fixed deposits and outstanding liabilities. Read More

UK bans Iran Revolutionary Guards, blames IRGC-backed group for attacks on Jews

UK bans IRGC and proxy Iranian organisation ove attacks on Jewish community The UK has listed Iran’s Islamic Revolutionary Guard Corps as a terrorist organisation, in a major escalation of diplomatic tensions with Tehran, as i Read More

A supernova lit up Earth’s sky in 1054 and was visible in daylight. Hubble now shows its glowing remains are still expanding nearly 1,000...

NASA’s Hubble Space Telescope images of the Crab Nebula Nearly 1,000 years after people first saw a bright new star appear in the sky, scientists have measured how the remains of that explosion are still expanding today. Read More

How Israel’s Mossad tried to recruit Iran’s former president Ahmadinejad; what happened next

Israel’s Mossad allegedly tried to recruit Iran’s former president Ahmadinejad Israel’s intelligence agency Mossad allegedly spent years trying to recruit former Iranian President Mahmoud Ahmadinejad as part of a b Read More

Related Articles