Syllabus: GS3/ Cybersecurity
Context
- The Ministry of Electronics and Information Technology (MeitY) released the second edition of the Digital Threat Report 2025–26.
Major Findings
- Emerging Threats: Threats previously considered emerging or episodic – including social engineering, credential theft, supply-chain compromise and cloud exploitation – are now established attack methods.
- Exploiting Digital Trust: Attackers increasingly exploiting ‘digital trust’ rather than directly targeting passwords or transactions.
- Cybercriminals are manipulating vulnerabilities across biometric onboarding, artificial intelligence (AI)-driven decision-making, partner applications, real-time payment systems, APIs and third-party ecosystems.
- Industrialisation of Deepfake Fraud: Deepfake-enabled fraud has become “industrialized”, with attackers deploying real-time executive video deepfakes, adversarial large language models (LLMs) and polymorphic attack variants to evade detection.
- Social engineering and Business Email Compromise (BEC) campaigns have also intensified, while credential theft and session hijacking have emerged as the primary methods for gaining initial access to systems.
- The report identifies AI asymmetry as one of the defining risks facing financial institutions.
- Activities that once required specialist teams, significant resources and weeks of effort can increasingly be performed at machine speed by comparatively low-resource threat actors.
- Recommendation: The report highlights the need to move beyond periodic security interventions towards continuous risk assessment, coordinated response and stronger information sharing.
Cyber Frauds in India
- As per National Cyber Crime Reporting Portal Data, around 28 lakh cyber frauds were reported in the year 2025, amounting to 22,931 crore rupees.
- Increased Digital Transactions: Digital transaction volumes have increased 38-fold, while transaction values have more than tripled.
- The significant growth of the digital payment ecosystem has been backed by systems such as UPI, IMPS, and NEFT.
- Evolving Nature of Fraud: A typical fraud today may not involve technical compromise of systems, but fraudsters are deploying various tactics, such as bogus call centres, deepfake-driven impersonation scams and mule account networks.
- The instant nature of digital payments further increases the risk, as the scope for timely intervention and recovery of funds becomes limited.
Initiatives by Government of India to Prevent Cybercrimes
- Indian Computer Emergency Response Team (CERT-In): CERT-In is the national nodal agency for responding to cybersecurity incidents.
- It provides proactive and reactive cybersecurity support and plays a crucial role in ensuring the security and resilience of the country’s cyber infrastructure.
- National Critical Information Infrastructure Protection Centre (NCIIPC): NCIIPC is responsible for protecting critical information infrastructure from cyber threats.
- It identifies and designates critical sectors and advises organizations in these sectors on enhancing their cybersecurity measures.
- Cyber Crime Prevention against Women & Children (CCPWC) scheme: The Ministry of Home Affairs has provided financial assistance to all the States & UTs under the scheme to support their efforts for setting up of cyber forensic-cum-training laboratories, training, and hiring of junior cyber consultants.
- Indian Cyber Crime Coordination Centre (I4C): It provides a framework and ecosystem for Law Enforcement Agencies (LEAs) to deal with cyber crimes in a comprehensive and coordinated manner.
- ‘Joint Cyber Coordination Teams’ have been constituted for seven regions at Mewat, Jamtara, Ahmedabad, Hyderabad, Chandigarh, Visakhapatnam and Guwahati under the I4C.
- National Cyber Crime Reporting Portal: It is launched to enable the public to report incidents pertaining to all types of cyber crimes.
- A toll-free number 1930 has been operationalized to get assistance in lodging online cyber complaints.
- The Citizen Financial Cyber Fraud Reporting and Management System module has also been launched for immediate reporting of financial frauds and to stop siphoning off funds by the fraudsters.
- Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre): This initiative is aimed at creating awareness about botnet and malware infections and providing tools for detection and cleaning.
- It also provides cyber security tips and best practices for citizens and organisations
Source: PIB
Previous article
Guardians of India’s Maritime Frontiers
Next article
News In Short 14-07-2026