AI-powered cyberattacks are evolving faster than the financial sector’s ability to defend against them, with offensive AI capabilities outpacing cybersecurity defences and regulatory safeguards, posing a growing challenge for the banking, financial services and insurance (BFSI) sector.
The second edition of the “Digital Threat Report 2025–26”, released by the Ministry of Electronics and Information Technology (MeitY) along with the Indian Computer Emergency Response Team (CERT-In), Computer Security Incident Response Team in Finance (CSIRT-Fin) and SISA, identifies AI asymmetry – the critical imbalance between rapidly advancing, AI-powered cyberattack capabilities and the slower, lagging defensive and regulatory frameworks protecting the financial industry – as a major risk for financial institutions.
The report said that the activities that once required experts, significant resources and weeks of effort can increasingly be performed at machine speed by comparatively low-resource threat actors.
According to the report, this rapid rise in offensive capabilities is outpacing the development of cybersecurity defences and regulatory safeguards, creating a growing challenge for the financial sector.
S. Krishnan, Secretary MeitY said, “As cyber threats become increasingly sophisticated, trusted partnerships between public institutions and industry are essential to strengthening digital trust.”
It further noted that BFSI sector, one of the world’s most targeted industries, has built layered security architectures, mature threat intelligence capabilities and operates under significant regulatory oversight. However, the report said these hard-won defences are now being eroded by AI-enabled cyber threats.
The report also found that six of the seven forward-looking cyber threat predictions made in its previous edition have already reached full-scale realization, highlighting how quickly emerging threats are moving into real-world exploitation.

The report warned that frontier AI models are now capable of autonomously discovering software vulnerabilities and executing complex cyberattacks. It said what was once considered a theoretical risk has become a documented reality.
“Over the past year, frontier AI models capable of autonomous vulnerability discovery, exploit chaining, and weaponization have moved from theoretical concern to documented reality,” the report said.
The report cites Anthropic’s disclosure of GTG-1002, described as the first publicly reported large-scale AI-orchestrated cyber espionage campaign. According to Anthropic, the Chinese state-linked operation used AI to execute 80–90% of the attack lifecycle against around 30 global organizations, including financial institutions.
Also Read: Inside Story: How Claude Code Dispute Escalated Between Alibaba and Anthropic
It also references Anthropic’s Claude Mythos Preview, disclosed in April 2026, which reportedly identified more than 23,000 potential software vulnerabilities, including over 1,000 confirmed high- or critical-severity findings. “This is a structural shift, not an incremental one,” the report noted.
It raised concern over the offensive capability of AI, which is scaling faster than the regulatory, defensive, and operational frameworks designed to contain it.
“The most consequential change is not that attacks are more sophisticated. It is that they are becoming systematic. AI moves adversaries from manual, specialist operations to repeatable, automated attack pipelines, with vulnerability discovery, exploit chaining, and payload delivery industrialized more like software manufacturing than tradecraft,” the report said.
The report stressed that AI is changing the economics of cybercrime by making sophisticated attacks cheaper and more accessible. It said ransomware groups and other cybercriminals can now increasingly develop their own exploits using AI, reducing their dependence on underground hacking marketplaces and increasing the likelihood of attacks on financial institutions and other organisations.
“Ransomware groups and financially motivated actors that once depended on purchasing exploits from broker ecosystems can increasingly generate them independently, at marginal cost, against bespoke targets,” the report claimed.
The report said AI is expanding the reach of cyberattacks by enabling advanced models to automatically identify vulnerabilities across operating systems, web browsers and blockchain-based smart contracts.
It stated that these models successfully reproduced attacks in 207 of 405 historical smart contract exploits, representing $550 million in simulated stolen funds.
“For BFSI this is acute: banking environments carry decades of legacy systems, SaaS dependencies with opaque CVE histories, and operational technology touching payment and settlement infrastructure – precisely the surface these models systematically dissect,” the report added.
The report has urged banks and financial institutions to strengthen identity verification, continuously monitor AI systems, secure software development pipelines and adopt behavioural detection mechanisms capable of detecting attacks that lack established threat signatures. It also called on institutions to move beyond periodic compliance assessments toward continuous cyber resilience, arguing that traditional compliance alone is no longer sufficient against rapidly evolving AI-enabled threats.
“AI asymmetry is not a forecast. It is a documented and accelerating reality, and the institutions that restructure detection, patching, identity, and the software delivery pipeline around it now will be the ones still standing when the capability becomes ubiquitous,” the report said.
Also Read: UK Open Letter to Business Leaders on AI: “The threat… is changing”






