Six of seven cyber threats flagged last year now operational: BFSI report
Six of seven emerging cyber threats predicted for banks and financial institutions a year ago have reached full-scale realization, according to the Digital Threat Report 2025-26 for the BFSI sector.
The report, released by electronics and IT secretary S Krishnan and prepared by CERT-In, CSIRT-Fin, and SISA, warns that threats are now operationalized in months or weeks.
Social engineering, credential theft, supply-chain compromise, and cloud exploitation have shifted from emerging risks to established attack methods.
Only quantum risk remains unrealized, though 'harvest now, decrypt later' strategies are already active.
Attacks increasingly resemble legitimate activity through authenticated sessions, approved payments, and compromised vendor actions, making detection difficult until damage occurs.