Digital Threat Report 2024

• 18 Apr 2025
• 8 min read

Source: PIB

Why in News? 

India has released its first-ever Digital Threat Report 2024, aimed at strengthening cybersecurity in the Banking, Financial Services, and Insurance (BFSI) sector. The report highlights evolving cyber risks and outlines strategic measures to protect the nation’s financial infrastructure, crucial for its digital economy. 

What are the Key Highlights of the Cyber Threat Report 2024? 

• Surge in Cyberattacks and Data Breach Costs: In 2024, the BFSI sector witnessed a surge in cyberattacks, with global data breach costs rising to USD 4.88 million (a 10% increase from 2023) and USD 2.18 million in India.  
  • BFSI’s digital growth, projected to reach USD 3.1 trillion in payments by 2028, is widening its cyber threat exposure. 
  • Phishing attacks in India surged by 175% in June 2024 compared to 2023. 
• Crypto Attacks: Crypto exchanges have been targeted by cybercriminals and new malware variants also threaten crypto wallets by extracting private keys for unauthorized access. 
• Social Engineering Attacks: Business Email Compromise (BEC) and phishing are rising cyber threats, with 54% of BEC cases involving pretexting. 
  •  AI and deepfake technologies are making these attacks more convincing by impersonating executives to manipulate financial transactions or steal sensitive data. 
• Impact of AI on Phishing: AI is making phishing attacks more convincing by generating emails that mimic trusted entity's tone, style, and branding.  
  • AI-driven chatbot phishing scams engage victims interactively to extract personal data. 
  • Large language models (LLMs) like WormGPT and FraudGPT bots are lowering the barrier for cybercriminals, enabling the creation of more convincing phishing emails and malware. 
• Stolen Credentials and Malware: Hackers are using stolen login details and malware using techniques like session hijacking, brute-force attacks, deepfake technology, and BOLA vulnerabilities to bypass Multi-Factor Authentication (MFA), mainly targeting SaaS platforms like email and VPN services. 
  • SaaS platforms are a type of digital platform that facilitates the selling, distribution, and management of cloud-based software and services. 
• Cloud Security Weaknesses: Misconfigured cloud services, such as publicly accessible storage and weak access controls, are major targets.  
  • There has been a 180% increase in attacks exploiting cloud vulnerabilities. 

• Key Recommendations: 
  • It includes adopting a human-centric, leadership-driven approach to cybersecurity, backed by continuous employee training and cyber-awareness to counter emerging threats like AI phishing and deepfakes. 
  • Implement regular Automated Vulnerability Scans, real-time threat intelligence sharing, and a multi-layered “defense-in-depth” strategy with firewalls, endpoint protection and Zero Trust architecture. 
  • Leveraging Technology to ensure timely patching (updates), AI-based threat detection and use of MFA for access control. 

What are the Key Emerging Cyber Threats in India?   Click Here to Read: Key Cyber Threats in India

 

 

Conclusion 

As cyber threats evolve, adopting a proactive, multi-layered cybersecurity approach is crucial for safeguarding critical infrastructure. Prioritizing early vulnerability assessments, AI-driven detection, strong authentication, and securing applications enhances resilience. Embedding cybersecurity into organizational strategies will strengthen India’s digital ecosystem and ensure long-term security. 

Drishti Mains Question:  What are the key challenges posed by Cyber Attacks on india. How can the government formulate effective strategies to mitigate the risks posed by cyber attacks?