Digital
India ranks second globally for ransomware detections in 2025
Acronis report warns of surging AI-powered attacks, phishing dominance, and high lateral movement in Indian networks.
MUMBAI: India’s cybersecurity defences are getting a serious stress test, hackers aren’t just knocking on the door anymore, they’re moving in, redecorating, and throwing a ransomware party before anyone notices. Acronis, the global cybersecurity and data protection firm, dropped its biannual Cyberthreats Report for H2 2025 (titled “From exploits to malicious AI”) on 18 February 2026, drawing from telemetry across over one million endpoints via its Threat Research Unit and sensors.
The standout alarm for India: it claimed second place worldwide for ransomware detections trailing only the US with a hefty 31 per cent of all global detections. It also cracked the top 10 for publicly identified ransomware victims, logging 129 cases where organisations went public. More worryingly, India topped charts for lateral movement and mass infection activity, including the planet’s largest internal propagation incidents. Attackers aren’t content with breaching the perimeter; they’re spreading like wildfire inside networks, amplifying disruption and business pain.
Globally, cyberattacks kept climbing in 2025. Email-based threats rose 16 per cent per organisation and 20 per cent per user year-on-year, while phishing stayed king, driving 83 per cent of email threats in the second half and serving as the entry point for 52 per cent of attacks on managed service providers (MSPs). Attacks on collaboration platforms exploded from 12 per cent in 2024 to 31 per cent in 2025, turning tools like Teams and Slack into prime secondary vectors.
Other red flags from the report:
Powershell abuse ruled as the most misused legitimate tool, especially in Germany, the US, and Brazil.
All MSP-platform CVEs disclosed in 2025 earned High or Critical ratings.
AI turned operational for crooks: used for reconnaissance, ransomware negotiations (e.g., Global Group automating chats across victims), data exfiltration (GTG-2002 style), and even chilling social engineering like AI-generated “proof of life” images in virtual kidnapping scams.
Hotspots included India, the US, and the Netherlands for mass infections and lateral hops; South Korea led malware hits at 12% of users affected.
Ransomware favourites targeted manufacturing, technology, and healthcare sectors crippled by uptime demands. Top groups: Qilin (962 victims), Akira (726), Cl0p (517). Nearly 150 MSPs and telcos hit directly; over 7,600 public victims worldwide, with the US suffering 3,243. Newcomers Sinobi, TheGentlemen, and CoinbaseCartel joined the fray in H2.
Supply-chain woes persisted too, RMM tools like AnyDesk and TeamViewer got exploited, affecting over 1,200 third parties globally, with the US taking 574 hits. Akira and Cl0p led here again.
Acronis CISO Gerald Beuchelt summed it up bluntly, “As cyber threats evolve at an accelerated pace, 2025 has shown that attackers are not only scaling traditional methods like phishing and ransomware, but are leveraging AI to act faster, more efficiently, and at greater scale. This shift requires organisations to anticipate threats, automate defences, and build resilient systems capable of withstanding both traditional and AI-driven attacks.”
For Indian businesses, the message is clear: the threat landscape isn’t just heating up, it’s gone full inferno, with AI fanning the flames. Time to upgrade those digital fire extinguishers before the next breach burns brighter.
Digital
RBI proposes Rs 25,000 compensation cap for small digital fraud losses
RBI, customer bank and beneficiary bank will share payouts
NATIONAL: The Reserve Bank of India has proposed a new compensation framework for small-value fraudulent electronic banking transactions, requiring the central bank, the customer’s bank and the beneficiary’s bank to share payouts to affected customers.
Under draft rules released on Friday, compensation will be capped at the lower of 85 per cent of the net loss amount or Rs 25,000 in cases where the gross loss from a fraudulent electronic transaction is up to Rs 50,000.
The proposal comes as regulators step up efforts to strengthen customer protection amid a rise in digital banking frauds.
RBI governor Sanjay Malhotra had indicated during last month’s monetary policy announcement that the central bank planned to introduce a compensation framework for small-value digital frauds, allowing affected customers to claim relief once during their lifetime.
According to the draft guidelines, when the loss is below Rs 29,412, compensation of 85 per cent of the loss will be paid. Of this amount, 65 per cent will be borne by the RBI, while the customer’s bank and the beneficiary bank will contribute 10 per cent each.
For losses of Rs 29,412 or more but up to Rs 50,000, the compensation will be capped at Rs 25,000. In such cases, the RBI will contribute Rs 19,118, while the customer’s bank and the beneficiary bank will each contribute Rs 2,941.
If funds are later recovered after compensation has been paid, the customer’s bank must recalculate the payout based on the revised net loss and adjust the recovered amount accordingly.
Customers will be eligible for compensation only if they report the fraudulent transaction within five calendar days of its occurrence.
Complaints must be lodged both with the bank and through the National Cyber Crime reporting portal or the National Cyber Crime helpline. Banks must also confirm that the loss is bona fide under their internal processes.
Once a complaint is received, banks must compensate the customer within five calendar days, the draft rules state.
In joint accounts, only one account holder may submit a compensation claim.
The central bank has also proposed tightening transaction alerts by mandating instant SMS notifications for all electronic banking transactions above Rs 500. For transactions of up to Rs 500, banks may decide whether to send alerts based on internal policies.
Banks will not be allowed to charge customers for SMS messages sent to meet regulatory requirements or those used for promotional, marketing or customer awareness purposes.
The draft framework also calls for stronger oversight by requiring banks to periodically report complaints related to fraudulent electronic transactions to their boards or board-level committees. These reports must detail the number and value of cases across categories including card-present transactions, card-not-present transactions, internet banking, mobile banking and ATM transactions.
The RBI has invited public comments on the draft guidelines until 6 April, 2026. The rules are expected to take effect on 1 July, 2026 once finalised.
Banking officials say the proposed sharing of compensation between the RBI, the customer’s bank and the beneficiary bank is intended to increase vigilance across the digital payments ecosystem.
