Digital Threat Report 2024

April 8, 2025

The Digital Threat Report 2024 marks step in enhancing cybersecurity within the Banking, Financial Services, and Insurance (BFSI) sector in India. Launched by the Ministry of Electronics and Information Technology, this report aims to address the escalating cyber threats faced by financial institutions. It marks the urgency for a unified cybersecurity framework to protect the financial backbone of the country.

Context of Cybersecurity in BFSI

The BFSI sector is undergoing rapid digital transformation. This transformation increases the risk of cyberattacks that can have systemic repercussions. A single breach can affect multiple entities within the interconnected financial ecosystem. Therefore, a coordinated national and sectoral cybersecurity strategy is essential.

Collaboration

The report was created through collaboration between CERT-In, CSIRT-Fin, and SISA. These organisations work together to enhance threat detection and response capabilities. The initiative aims to empower financial institutions to build robust cyber resilience against evolving threats.

Seven Major Attack Vectors

The report has identified 7 major attack vectors that are expected to dominate 2025 thread landscape.

AI Deepfakes and Social Engineering

  • Fake videos and voices made using AI can trick people.
  • Hackers may pretend to be company bosses to steal money or get OTPs.
  • Old verification methods may not work against such advanced forgeries.

Software Supply Chain Attacks

  • Hackers are targeting developers by adding harmful code into libraries (like GitHub projects).
  • These bad codes, once used in apps, can spread widely.
  • AI models (LLMs) might be tricked into suggesting harmful code.

Prompt Hacking in AI Apps

  • Attackers can give tricky inputs to AI-based tools (chatbots, assistants) to steal data or make them act wrongly.
  • This is a threat especially in enterprise apps using locally stored AI models.

Malicious AI Tools (Adversarial LLMs)

  • Tools like WormGPT and FraudGPT help even unskilled hackers create phishing emails and malware.
  • This makes cyberattacks easier and more widespread.

Quantum Computing Threat

  • Quantum computers may break today’s encryption systems.
  • This means secure data (like bank info, passwords) could be read or stolen in future.

Cryptocurrency and Cybercrime

  • Cryptocurrencies like Monero make it easier for criminals to hide money.
  • Attacks on crypto wallets and exchanges are increasing.
  • It’s getting harder for police to track these crimes.

IoT Devices and Hardware Risks

  • Devices connected to the internet (IoT), like smart meters or routers, are being targeted.
  • Hackers can attack through device software, fake copies (digital twins), or chip-level backdoors.
  • One weak device can lead to a full system hack.

Call to Action for Financial Institutions

The report urges financial institutions, regulators, and security professionals to adopt a proactive approach to combat cyber threats. With the rise of AI-driven attacks and complex compliance requirements, the need for strategic guidance in navigating the cybersecurity landscape is more critical than ever.

« »

Month: 

Category: 

Leave a Reply

Your email address will not be published. Required fields are marked *