#FactCheck - Debunking Viral Photo: Tears of Photographer Not Linked to Ram Mandir Opening

Introduction

‍

Artificial Intelligence (AI) is fast transforming our future in the digital world, transforming healthcare, finance, education, and cybersecurity. But alongside this technology, bad actors are also weaponising it. More and more, state-sponsored cyber actors are misusing AI tools such as ChatGPT and other generative models to automate disinformation, enable cyberattacks, and speed up social engineering operations. This write-up explores why and how AI, in the form of large language models (LLMs), is being exploited in cyber operations associated with adversarial states, and the necessity for international vigilance, regulation, and AI safety guidelines.

‍

The Shift: AI as a Cyber Weapon

‍

State-sponsored threat actors are misusing tools such as ChatGPT to turbocharge their cyber arsenal.

• Phishing Campaigns using AI- Generative AI allows for highly convincing and grammatically correct phishing emails. Unlike the shoddily written scams of yesteryears, these AI-based messages are tailored according to the victim's location, language, and professional background, increasing the attack success rate considerably. Example: It has recently been reported by OpenAI and Microsoft that Russian and North Korean APTs have employed LLMs to create customised phishing baits and malware obfuscation notes.
  
  
• Malware Obfuscation and Script Generation- Big Language Models (LLMs) such as ChatGPT may be used by cyber attackers to help write, debug, and camouflage malicious scripts. While the majority of AI instruments contain safety mechanisms to guard against abuse, threat actors often exploit "jailbreaking" to evade these protections. Once such constraints are lifted, the model can be utilised to develop polymorphic malware that alters its code composition to avoid detection. It can also be used to obfuscate PowerShell or Python scripts to render them difficult for conventional antivirus software to identify. Also, LLMs have been employed to propose techniques for backdoor installation, additional facilitating stealthy access to hijacked systems.
  
  
• Disinformation and Narrative Manipulation
  State-sponsored cyber actors are increasingly employing AI to scale up and automate disinformation operations, especially on election, protest, and geopolitical dispute days. With LLMs' assistance, these actors can create massive amounts of ersatz news stories, deepfake interview transcripts, imitation social media posts, and bogus public remarks on online forums and petitions. The localisation of content makes this strategy especially perilous, as messages are written with cultural and linguistic specificity, making them credible and more difficult to detect. The ultimate aim is to seed societal unrest, manipulate public sentiments, and erode faith in democratic institutions.

‍

Disrupting Malicious Uses of AI – OpenAI Report (June 2025) 

‍

OpenAI released a comprehensive threat intelligence report called "Disrupting Malicious Uses of AI" and the “Staying ahead of threat actors in the age of AI”, which outlined how state-affiliated actors had been testing and misusing its language models for malicious intent. The report named few advanced persistent threat (APT) groups, each attributed to particular nation-states. OpenAI highlighted that the threat actors used the models mostly for enhancing linguistic quality, generating social engineering content, and expanding operations. Significantly, the report mentioned that the tools were not utilized to produce malware, but rather to support preparatory and communicative phases of larger cyber operations.

‍

AI Jailbreaking: Dodging Safety Measures

‍

One of the largest worries is how malicious users can "jailbreak" AI models, misleading them into generating banned content using adversarial input. Some methods employed are:

• Roleplay: Simulating the AI being a professional criminal advisor
• Obfuscation: Concealing requests with code or jargon
• Language Switching: Proposing sensitive inquiries in less frequently moderated languages
• Prompt Injection: Lacing dangerous requests within innocent-appearing questions

These methods have enabled attackers to bypass moderation tools, transforming otherwise moral tools into cybercrime instruments.

‍

Conclusion

‍

As AI generations evolve and become more accessible, its application by state-sponsored cyber actors is unprecedentedly threatening global cybersecurity. The distinction between nation-state intelligence collection and cybercrime is eroding, with AI serving as a multiplier of adversarial campaigns. AI tools such as ChatGPT, which were created for benevolent purposes, can be targeted to multiply phishing, propaganda, and social engineering attacks. The cross-border governance, ethical development practices, and cyber hygiene practices need to be encouraged.  AI needs to be shaped not only by innovation but by responsibility.

‍

References

• https://www.microsoft.com/en-us/security/blog/2024/02/14/staying-ahead-of-threat-actors-in-the-age-of-ai/
• https://www.bankinfosecurity.com/openais-chatgpt-hit-nation-state-hackers-a-28640
• https://oecd.ai/en/incidents/2025-06-13-b5e9
• https://www.microsoft.com/en-us/security/security-insider/meet-the-experts/emerging-AI-tactics-in-use-by-threat-actors
• https://www.wired.com/story/youre-not-ready-for-ai-hacker-agents/
• https://www.cert-in.org.in/PDF/Digital_Threat_Report_2024.pdf
• https://cdn.openai.com/threat-intelligence-reports/5f73af09-a3a3-4a55-992e-069237681620/disrupting-malicious-uses-of-ai-june-2025.pdf

‍

Introduction

Quantum mechanics is not a new field. It finds its roots in the works of physicists such as Niels Bohr in the 1920s, and has informed the development of technologies like nuclear power in the past. But with developments in science and engineering, we are at the cusp of harnessing quantum mechanics for a new wave of real-world uses in sensing and metrology, computing, networking, security, and more. While at different stages of development, quantum technologies have the potential to revolutionise global security, economic systems, and digital infrastructure. The science is dazzling, but it is equally urgent to start preparing for its broader impact on society, especially regarding privacy and digital security. This article explores quantum computing, its threat to information integrity, and global interdependencies as they exist today, and discusses policy areas that should be addressed.

What Is Quantum Computing?

Classical computers use binary bits (0 or 1) to represent and process information. This binary system forms the base of modern computing. But quantum computers use qubits (quantum bits) as a basic unit, which can exist in multiple states ( 0, 1, both, or with other qubits) simultaneously due to quantum principles like superposition and entanglement. This creates an infinite range of possibilities in information processing and allows quantum machines to perform complex computations at speeds impossible for traditional computers. While still in their early stages, large-scale quantum computers could eventually:

1. Break modern encryption systems
2. Model complex molecules for drug discovery
3. Optimise global logistics and financial systems
4. Accelerate AI and machine learning

While this could eventually present significant opportunities in fields such as health innovation, material sciences, climate modelling, and cybersecurity, challenges will continue to arise even before the technology is ready for commercial application. Policymakers must start anticipating their impact.

Threats

Policy solutions surrounding quantum technologies will depend on the pace of development of the elements of the quantum ecosystem. However, the most urgent concerns regarding quantum computing applications are the risk to encryption and the impact on market competition.

1. Cybersecurity Threat: Digital infrastructure today (e.g., cloud services, networks, servers, etc.) across sectors such as government, banking and finance, healthcare, energy, etc., depends on encryption for secure data handling and communications. Threat actors can utilise quantum computers to break this encryption. Widely used asymmetric encryption keys, such as RSA or ECC, are particularly susceptible to being broken. Threat actors could "harvest now, decrypt later”- steal encrypted data now and decrypt it later when quantum capabilities mature. Although AES-256, a symmetric encryption standard, is currently considered resistant to quantum decryption, it only protects data after a secure connection is established through a process that today relies on RSA or ECC. This is why governments and companies are racing to adopt Post- Quantum Cryptography (PQC) and quantum key distribution (QKD) to protect security and privacy in digital infrastructure.

2. Market Monopoly: Quantum computing demands significant investments in infrastructure, talent, and research, which only a handful of countries and companies currently possess. As a result, firms that develop early quantum advantage may gain unprecedented competitive leverage through offerings such as quantum-as-a-service, disrupting encryption-dependent industries, or accelerating innovation in pharmaceuticals, finance, and logistics. This could reinforce the existing power asymmetries in the global digital economy. Given these challenges, proactive and forward-looking policy frameworks are critical.

What Should Quantum Computing Policy Cover?

Commercial quantum computing will transform many industries. Policy will have to be flexible and be developed in iterations to account for fast-paced developments in the field. It will also require enduring international collaboration to effectively address a broad range of concerns, including ethics, security, privacy, competition, and workforce implications.

1. Cybersecurity and Encryption: Quantum policy should prioritise the development and standardisation of quantum-resistant encryption methods. This includes ongoing research into Post-Quantum Cryptography (PQC) algorithms and their integration into digital infrastructure. Global policy will need to align national efforts with international standards to create unified quantum-safe encryption protocols.

2. Market Competition and Access: Given the high barriers to entry, regulatory frameworks should promote fair competition, enabling smaller players like startups and developing economies to participate meaningfully in the quantum economy. Frameworks to ensure equitable access, interoperability, and fair competition will become imperative as the quantum ecosystem matures so that society can reap its benefits as a whole.

4. Ethical Considerations: Policymakers will have to consider the impact on privacy and security, and push for the responsible use of quantum capabilities. This includes ensuring that quantum advances do not contribute to cybercrime, disproportionate surveillance, or human rights violations.

5. International Standard-Setting: Setting benchmarks, shared terminologies, and measurement standards will ensure interoperability and security across diverse stakeholders and facilitate global collaboration in quantum research and infrastructure.

6. Military and Defence Implications: Militarisation of quantum technologies is a growing concern, and national security affairs related to quantum espionage are being urgently explored. Nations will have to develop regulations to protect sensitive data and intellectual property from quantum-enabled attacks.

7. Workforce Development and Education: Policies should encourage quantum computing education at various levels to ensure a steady pipeline of talent and foster cross-disciplinary programs that blend quantum computing with fields like machine learning, AI, and engineering.

8. Environmental and Societal Impact: Quantum computing hardware requires specialised conditions such as extreme cooling. Policy will have to address the environmental footprint of the infrastructure and energy consumption of large-scale quantum systems. Broader societal impacts of quantum computing, including potential job displacement, accessibility issues, and the equitable distribution of quantum computing benefits, will have to be explored.

Conclusion

Like nuclear power and AI, the new wave of quantum technologies is expected to be an exciting paradigm shift for society. While they can bring numerous benefits to commercial operations and address societal challenges, they also pose significant risks to global information security. Quantum policy will require regulatory, strategic, and ethical frameworks to govern the rise of these technologies, especially as they intersect with national security, global competition, and privacy. Policymakers must act in collaboration to mitigate unethical use of these technologies and the entrenchment of digital divides across countries. The OECD’s Anticipatory Governance of Emerging Technologies provides a framework of essential values like respect for human rights, privacy, and sustainable development, which can be used to set a baseline, so that quantum computing and related technologies benefit society as a whole.

References

• https://www.weforum.org/stories/2024/07/explainer-what-is-quantum-technology/
• https://www.paconsulting.com/insights/what-is-quantum-technology
• https://delinea.com/blog/quantum-safe-encryption#:~:text=This%20can%20result%20in%20AES,%2D128%20to%20AES%2D256.
• https://www.oecd.org/en/publications/a-quantum-technologies-policy-primer_fd1153c3-en.html

‍

Introduction

India’s digital growth journey has been moving at a tremendous pace. According to MeitY’s report, India’s digital economy is expected to rise to US$ 500 billion by 2025, up from US$ 200 billion in 2019. The digitisation drive that we are experiencing is likely to foster and boost a favourable business environment that will attract rapid investment and augment economic growth across sectors. This will, in turn, compel businesses to adopt digital platforms as solutions to meet customer expectations. Due to accelerated digitisation, cyber risks often deter business growth. Cybercrimes are becoming more rampant and complex and the costs associated with such breaches are not only increasing but also becoming more systemic.

Development of the Cyber Insurance Landscape

Digitization of businesses started in the 1980s with the use of mainframes. Personal computers entered the game and further modified the landscape from the 2000s along with LANs, the internet and the dot-com boom of the 2000s. In the late 1990s, cyber-insurance was developed as a risk management tool to ensure information security. Coverage was limited, and clients included SMEs in need of insurance to qualify for tenders, or community banks too small to hedge the risks of their online banking operations. The first cyber insurance policy was written in 1997 through AIG, against hacking as a third-party liability policy. 

The current trends in the cyber insurance space are focused on the prevention of cyber risks, which by nature are hard to outline and constantly evolving. The result is that the buyers have limited clarity on the types of cyber risks covered under cyber insurance, and even lesser visibility on the scope and amount of optimum coverage. Unfamiliarity with the claim procedure and resolutions, ambiguous claim thresholds during settlements, and confusion around exclusions and coverage of regulatory fines and penalties under a purchased scheme further discourage potential buyers from seriously investing in cyber insurance products. 

Key Factors in Cyber Insurance Evolution and Its Role in Risk Management

The cyber insurance market in India has three key influencing factors, namely the speed of achieving digital maturity, government initiatives to digitise and enforce stringent cyber laws, and the evolving landscape with technology giants and MNCs entering the cyber insurance domain. The latter  are the catalyst for intensifying competition in this market. 

Advancements in technology in terms of AI, machine learning, big data, robotics, blockchain, augmented and virtual reality, and IoT are expected to reshape the insurance industry and help reach untapped audiences in a more digital-forward manner. With the absence of a standard cyber insurance policy, regulators need to take the following variables into consideration while developing cyber insurance policies: the risk insured against, the scope of the loss covered and the limits/ sub-limits.

Challenges 

With the complexity of cyber risks increasing exponentially the challenges to counter the same are growing too which is leading to gaps in the coverage offered for cyber threats. Resultantly, the compliance regulations are dependent on the risks which exist and cyber threat actors adopt new technologies faster and exploit them to their benefit. A lack of historical data and predictability in future cyber risks, the possibility of large overwhelming loss events, uncertainties among market participants about what is specifically covered under such policies, and legal battles over fundamental issues are some of the challenges identified.

Future Outlook/ Recommendations

India's cyber infrastructure requires a multi-faceted approach that involves collaboration between government, industry, and academia should be developed. Some recommendations are:

• Risk assessments should be a general practice and the cyber insurance policies should be simplified, clearing the mismatch between the premium paid and insurance coverage and there should be standard verbosity across cyber policy language.
• Promoting R&D tailored to India focused on education programs that have public-private partnerships and global collaborations to share threat intelligence, best practices, and expertise in critical infrastructure protection.
• Cyber insurance can also be promoted as compliance with the DPDP Act, which would lead to better development of cyber infrastructure and cyber hygiene practices.
• Regular updates to cyber insurance policies to ensure relevance and effectiveness. Insurers could create and offer holistic cyber insurance risk management plans.

Conclusion

According to a report by Deloitte in 2023, the cyber insurance market in India is expected to grow by 27-30 per cent in the coming years and it is currently valued at USD 50-60 million, while maintaining a steady 27-30 per cent CAGR in the past three years. The Indian cyber infrastructure’s nature is challenging, however, it offers opportunities for growth, innovation, and collaboration. A proactive approach, supported by robust policies, advanced technologies, and skilled professionals, will be essential to building a resilient cyber infrastructure capable of withstanding evolving threats.

Reference

• https://www2.deloitte.com/content/dam/Deloitte/nl/Documents/financial-services/deloitte-nl-fsi-demystifying-cyber-insurance-coverage-report.pdf
• https://www.dnaindia.com/business/report-what-s-cyber-liablity-insurance-and-why-you-may-need-it-2136556‍
• https://economictimes.indiatimes.com/industry/banking/finance/insure/cyber-insurance-gains-momentum-in-india-set-to-witness-exponential-growth-deloitte/articleshow/104189297.cms?from=mdr