In an engaging chat, Vishal Salvi, Chief Executive Officer at Quick Heal Technologies, discusses the evolution of cybersecurity techniques in recent years, the AI arms race in security, and Seqrite's readiness to leverage AI and ML to enhance threat detection and reporting.
What are the key factors contributing to this rapid increase in cyberattacks?
At Seqrite Labs, India’s largest malware analysis facility, our researchers have tracked a staggering 974.6% growth in behavioral-based detections since 2021. This isn't just a number; it represents a fundamental shift in how attackers operate.
I believe several factors are driving this surge. First, attack methodologies have evolved dramatically. Threat actors now employ sophisticated techniques like fileless attacks that simply bypass traditional defenses. We are also seeing malware written in modern languages like Golang and Rust that can operate across platforms. India's digital transformation has created numerous entry points, with our research showing healthcare, hospitality, and BFSI as prime targets. Geopolitical tensions are increasingly playing out in cyberspace. We have tracked over 5,842 hacktivist attacks targeting Indian organizations just this last year.
What's particularly concerning is how cybercrime has been democratized. Tools like AsukaStealer malware are available for just $80 monthly, lowering the barrier to entry. At Seqrite, we are constantly adapting our defense strategies to address these evolving threats.
How have cybercriminal techniques evolved over the years? What types of attacks are becoming more prevalent today?
In my journey, I've never seen threat actors evolve as rapidly as they have recently. The most significant shift we have observed is from opportunistic to targeted attacks. Operations like "FlightNight," which we analyzed extensively at Seqrite, specifically targeted Indian government and energy sectors, exfiltrating nearly 9 GB of sensitive data.
Supply chain compromises are particularly concerning. Our team of researchers at Seqrite Labs identified attacks on legitimate software like Notezilla and RecentX, where installers were trojanized to steal credentials and cryptocurrency wallet data. The critical vulnerability in XZ-Utils with a perfect CVSS score of 10 demonstrated how widely-used open-source components can become attack vectors.
At the same time, ransomware continues evolving beyond simple encryption. On mobile platforms, we're seeing increasingly sophisticated threats. Our research shows that 42% of Android detections made in 2024 were malware, with campaigns like RewardSteal distributing malware via WhatsApp.
At Seqrite, we have responded by developing multi-layered defenses combining signature-based detection with advanced behavior analytics. This approach has proven critical as attacks become more sophisticated and challenging to detect using traditional methods.
What key security trends have recently shaped and influenced Seqrite’s product strategy?
At Seqrite, our product strategy evolves continuously to address the changing threat landscape. Several key trends have shaped our approach. The most significant trend we have observed is the limitations of traditional signature-based detection against modern threats. While our data shows that signature-based methods still account for 85% of detections, I've directed significant investment into behavior-based capabilities. The 974.6% increase in behavioral-based detections since 2021 validates this direction.
We have also noted that network-based threats now account for 78% of signature-based detections. This has guided our development of enhanced network security capabilities providing real-time protection. What's particularly interesting is how threats vary by region and industry. Our research shows that 51% of national security detections are concentrated across just ten states, with Telangana experiencing the highest rates. We have ensured our platform incorporates industry-specific threat intelligence, especially for high-risk sectors like healthcare, which faces 37.29 detections per endpoint.
I firmly believe proactive threat intelligence is the backbone of effective cybersecurity, which is why we at Seqrite have prioritized this capability in our security solutions through innovations such as GoDeep.AI, an AI-powered malware-hunting technology designed to proactively hunt for and neutralize threats.
In what way is Seqrite embracing AI and ML to enhance threat detection and response?
We are witnessing an AI arms race in cybersecurity. On one side, threat actors are weaponizing these technologies to create more sophisticated attacks. On the other, defenders like us at Seqrite are leveraging AI to enhance protection. AI-powered attacks represent one of the most critical threats for 2025.
Polymorphic malware like BlackMamba utilizes AI for evasion and leverages OpenAI for payload generation. What makes this especially concerning is how these technologies allow attackers to create threats that can modify their approach in real time. Deepfakes present another AI-powered threat vector, which we are observing closely. Advanced voice imitation techniques are being used for targeted executive fraud, fundamentally changing how identity verification operates.
At Seqrite, we have championed AI and ML as core components of our defense strategy. Like I mentioned earlier, our cutting-edge innovation GoDeep.AI proactively seeks anomalies in security systems to detect and deter malware. The technology also leverages machine learning to analyze vast amounts of behavioral data, identifying suspicious patterns that traditional approaches would miss. This approach is essential for combating zero-day exploits and advanced persistent threats.
How do you see the collaboration between cybersecurity vendors, the government and other private sector bodies in addressing zero-day vulnerabilities and threats effectively?
In my view, effective cybersecurity today transcends organizational boundaries. At Seqrite, collaboration isn't just a buzzword; it’s an imperative for addressing zero-day vulnerabilities and emerging threats. Recent incidents underscore this necessity. Take the critical backdoor vulnerability in XZ-Utils with a CVSS score of 10. This affected numerous Linux distributions and required a coordinated response from multiple stakeholders. Similarly, sophisticated campaigns like Operation FlightNight targeting government entities and energy companies demonstrate how cross-sector attacks require coordinated defenses.
Seqrite actively participates in several collaborative initiatives. By actively engaging with industry peers, government bodies like DSCI, and global standards organizations, we share knowledge and enhance collective cybersecurity capabilities. Seqrite also became the first Indian company to work with the US government on NIST NCCoE's Data Classification project.
Looking ahead, I believe we need even deeper collaboration, particularly in critical infrastructure protection. Cybersecurity is truly a shared responsibility, and we at Seqrite remain committed to fostering partnerships that strengthen India's collective defense capabilities.