New Delhi: Frontier artificial-intelligence (AI) models are now capable of running cyberattacks against financial institutions with minimal human help, and adversaries already have these tools in hand, according to the second edition of the Digital Threat Report 2025-26, launched Monday by Ministry of Electronics and Information Technology (MeitY) Secretary S. Krishnan and CERT-In Director General Sanjay Bahl.
The report, a public-private collaboration between cybersecurity firm SISA, CERT-In and the finance-sector team CSIRT-Fin, focuses on the Banking, Financial Services and Insurance (BFSI) sector and documents what it calls “AI asymmetry” to indicate offensive capability scaling faster than the defensive and regulatory frameworks meant to contain it.Among its starkest findings: in November 2025, Anthropic disclosed GTG-1002, described as the first reported large-scale AI-orchestrated cyber-espionage campaign. According to the report, this was a Chinese state-linked operation in which the AI executed 80 to 90 percent of the work independently against roughly 30 global targets, including financial institutions.
The report says the agent fired thousands of requests per second across those organisations, operating from inside the perimeter using credentials it already held.It adds that the April 2026 disclosure of Claude Mythos Preview, a frontier model that flagged more than 23,000 potential vulnerabilities, of which over a thousand confirmed findings were rated high or critical, “confirmed the trajectory”. In one exercise cited, frontier models produced working attacks against 207 of 405 historical smart-contract exploits, totalling $550 million in simulated stolen funds.Such attacks, the report warns, “can now be executed at machine speed” by actors with far more modest capability and budget than the specialist teams that once needed weeks. Crucially, it notes, the capability first appeared in smaller, cheaper open models and is “already in adversarial hands”.For India, the numbers are pointed. Banking, Financial Services, and Insurance (BSFI) cyberattacks in the country are running at 1.6 times the global average, and incidents have more than doubled in four years, from 1.4 million in 2021 to 2.9 million in 2025.A central claim of this year’s edition is a signal of acceleration: six of the seven forward-looking predictions made in the previous report have already reached full-scale realisation. The only one still pending is quantum risk—though the report notes adversaries are already pursuing “harvest-now, decrypt-later” strategies, stealing encrypted data today to crack once quantum computing matures. What AI has given attackers, the authors argue, is four things they lacked before: speed, scale, accuracy and autonomy.Supply-chain compromise features heavily in the report. It cites a 2025 single-vendor breach that hit more than 70 US banks and credit unions, exposing more than a million customer records, and an April 2026 incident in which two major US banks appeared simultaneously on a ransomware leak site after a shared vendor was compromised. Many ransomware groups, it notes, have abandoned encryption altogether in favour of pure data theft and extortion — “faster, harder to detect, equally coercive”.Defenders remain slow. The report pegs the mean time to identify and contain a breach at 263 days, even as the zero-day exploit window has compressed from weeks or months to hours.








