How Figure AI's Vision Attracts Tech Titans and Ignites Investment Frenzy

Introduction

‍
India currently faces a crucial moment because its digital system experiences rapid growth while cyber criminals take advantage of this development to increase their fraudulent activities. The Department of Telecommunications (DoT) has implemented a new regulatory requirement that mandates all messaging and communication platforms to use SIM-binding technology as their primary security measure. The new rule, which starts on 1st March 2026, requires WhatsApp, Telegram, Signal and other similar applications to operate only when users have their registered SIM card present in their device. The telecom identifier restriction aims to prevent unauthorised access, but it creates significant privacy concerns, together with issues of proportionality and platform governance.

‍

Understanding the SIM-Binding Directive

‍

SIM-binding establishes direct links between communication platform accounts and the SIM cards used for registration. The application will stop working when users take out their SIM card, turn it off, or get a new SIM card. Users must re-authenticate their sessions through the main device because web-based sessions, including WhatsApp Web, will automatically log out after six hours of use. 

The Telecommunications Act, 2023 and Telecom Cyber Security Rules serve as the base legal authority for this directive. The regulation requires Telecommunication Identity User Entities (TIUEs), which identify users through mobile numbers, to maintain service access based on verified telecommunications credentials.

‍

Rationale: Addressing Cyber Fraud and Misuse

‍
The policy exists because cyber fraud activities have reached a point where they require a more powerful response. Authorities have stated that messaging applications maintain their operational capacity even after users remove their SIM cards, which allows international scammers to use Indian phone numbers for their fraudulent activities. SIM-binding aims to: 

• Restore traceability by linking active accounts to verified SIM-based identities.
• Reduce remote access abuse, which includes both account takeovers and impersonation scams.
• Stop fraudulent activities that require physical device access through the creation of permanent sessions.
• Build a system of accountability that extends throughout the telecommunications industry.

The government introduced this measure as an appropriate solution to deal with systemic vulnerabilities because reported cyber fraud losses in 2024 reached more than ₹22,800 crore.

‍

Security with Responsibility

‍

‍The system requires digital trust to be established through secure identity verification systems, which include official systems for verification and operational systems that enable governmental agencies to work together. 

CyberPeace principles require security measures to maintain three essential conditions, which are:

• They must respond to existing dangers 
• Their execution process must be open to public observation 
• They need to protect user rights, which include their right to privacy and personal independence 
• They must provide equal access while safeguarding against negative impacts on at-risk user groups. 

‍

Industry Response and Governance Challenges

‍
The directive has received diverse responses from people who work in different fields. Some platforms are testing SIM presence verification features for their upcoming changes, according to reports, while industry groups representing major technology companies have raised legal issues. They argue that the mandate may exceed the regulatory scope of the DoT and potentially conflict with constitutional protections. The existing tension demonstrates how governments face difficulties because they must protect national security while managing international platform operations and legal systems. The situation requires multiple stakeholders to work together because governments, industry, and civil society need to design policies through their collective input.

‍

Policy Insights and Recommendations

‍
The successful balanced execution of this initiative depends on these two essential elements:

1. Clear Implementation Guidelines: Organizations need to establish detailed technical standards together with compliance frameworks, which must be followed during their implementation process across various platforms. 
2. Privacy Safeguards: The telecom service provider must implement strong data protection measures that protect customer data from unauthorised access through SIM-binding technology. 
3. User Awareness and Transparency: Users should receive information about SIM-binding effects on their access rights, together with security controls, which will help them build trust and provide informed consent. 
4. Flexibility for Edge Cases: Provisions should exist for legitimate use cases such as device changes, international travel, and accessibility needs. 
5. Global Interoperability Dialogue: India should engage with global stakeholders to ensure that such measures do not fragment the digital ecosystem.

‍

Conclusion

‍
The SIM-binding directive establishes India’s defence against cyber threats by solving a specific problem that exists in digital identity verification. The system establishes CyberPeace as its fundamental base through its shift from reactive cybersecurity practices toward preventive digital governance methods. 

The system will achieve its desired results only if it effectively manages the three elements of security protection, privacy maintenance, and user convenience. SIM-binding and similar policies require ongoing assessment because their implementation affects both national security and the fundamental principles of trustworthiness, inclusiveness, and ethical digital governance.

‍

References

‍

• https://www.opindia.com/2026/02/sim-binding-to-be-implemented-from-1st-march-what-it-means-and-how-it-will-impact-users/
• https://www.ndtv.com/india-news/sim-binding-rule-set-to-change-how-whatsapp-telegram-work-in-india-from-march-1-11148903#:~:text=Under%20the%20new%20framework%2C%20messaging,is%20re%2Dinserted%20and%20authenticated.
• https://timesofindia.indiatimes.com/technology/tech-news/telecom-departments-sim-binding-rule-to-come-into-effect-from-tomorrow-march-1-what-is-sim-binding-how-it-works-and-what-it-means-for-whatsapp-users/articleshow/128879561.cms
• https://www.deccanherald.com/technology/whatsapp-begins-testing-sim-binding-in-india-3913963

‍

Disclaimer:

This report is based on extensive research conducted by CyberPeace Research using publicly available information, and advanced analytical techniques. The findings, interpretations, and conclusions presented are based on the data available at the time of study and aim to provide insights into global ransomware trends.

The statistics mentioned in this report are specific to the scope of this research and may vary based on the scope and resources of other third-party studies. Additionally, all data referenced is based on claims made by threat actors and does not imply confirmation of the breach by CyberPeace. CyberPeace includes this detail solely to provide factual transparency and does not condone any unlawful activities. This information is shared only for research purposes and to spread awareness. CyberPeace encourages individuals and organizations to adopt proactive cybersecurity measures to protect against potential threats.

CyberPeace Research does not claim to have identified or attributed specific cyber incidents to any individual, organization, or nation-state beyond the scope of publicly observable activities and available information. All analyses and references are intended for informational and awareness purposes only, without any intention to defame, accuse, or harm any entity.

While every effort has been made to ensure accuracy, CyberPeace Research is not liable for any errors, omissions, subsequent interpretations and any unlawful activities of the findings by third parties. The report is intended to inform and support cybersecurity efforts globally and should be used as a guide to foster proactive measures against cyber threats.

Executive Summary: 

The 2024 ransomware landscape reveals alarming global trends, with 166 Threat Actor Groups leveraging 658 servers/underground resources and mirrors to execute 5,233 claims across 153 countries. Monthly fluctuations in activity indicate strategic, cyclical targeting, with peak periods aligned with vulnerabilities in specific sectors and regions. The United States was the most targeted nation, followed by Canada, the UK, Germany, and other developed countries, with the northwestern hemisphere experiencing the highest concentration of attacks. Business Services and Healthcare bore the brunt of these operations due to their high-value data, alongside targeted industries such as Pharmaceuticals, Mechanical, Metal, Electronics, and Government-related professional firms. Retail, Financial, Technology, and Energy sectors were also significantly impacted.

This research was conducted by CyberPeace Research using a systematic modus operandi, which included advanced OSINT (Open-Source Intelligence) techniques, continuous monitoring of Ransomware Group activities, and data collection from 658 servers and mirrors globally. The team utilized data scraping, pattern analysis, and incident mapping to track trends and identify hotspots of ransomware activity. By integrating real-time data and geographic claims, the research provided a comprehensive view of sectoral and regional impacts, forming the basis for actionable insights.

The findings emphasize the urgent need for proactive Cybersecurity strategies, robust defenses, and global collaboration to counteract the evolving and persistent threats posed by ransomware.

Overview:

This report provides insights into ransomware activities monitored throughout 2024. Data was collected by observing 166 Threat Actor Groups using ransomware technologies across 658 servers/underground resources and mirrors, resulting in 5,233 claims worldwide. The analysis offers a detailed examination of global trends, targeted sectors, and geographical impact.

Top 10 Threat Actor Groups:

The ransomware group ‘ransomhub’ has emerged as the leading threat actor, responsible for 527 incidents worldwide. Following closely are ‘lockbit3’ with 522 incidents and ‘play’ with 351. Other Groups are ‘akira’, ‘hunters’, ‘medusa’, ‘blackbasta’, ‘qilin’, ‘bianlian’, ‘incransom’. These groups usually employ advanced tactics to target critical sectors, highlighting the urgent need for robust cybersecurity measures to mitigate their impact and protect organizations from such threats.

Monthly Ransomware Incidents:

In January 2024, the value began at 284, marking the lowest point on the chart. The trend rose steadily in the subsequent months, reaching its first peak at 557 in May 2024. However, after this peak, the value dropped sharply to 339 in June. A gradual recovery follows, with the value increasing to 446 by August. September sees another decline to 389, but a sharp rise occurs afterward, culminating in the year’s highest point of 645 in November. The year concludes with a slight decline, ending at 498 in December 2024 (till 28th of December).

Top 10 Targeted Countries:

1. The United States consistently topped the list as the primary target probably due to its advanced economic and technological infrastructure.
2. Other heavily targeted nations include Canada, UK, Germany, Italy, France, Brazil, Spain, and India.
3. A total of 153 countries reported ransomware attacks, reflecting the global scale of these cyber threats

Top Affected Sectors:

1. Business Services and Healthcare faced the brunt of ransomware threat due to the sensitive nature of their operations.
2. Specific industries under threats:
   1. Pharmaceutical, Mechanical, Metal, and Electronics industries.
   2. Professional firms within the Government sector.
3. Other sectors:
   1. Retail, Financial, Technology, and Energy sectors were also significant targets.

Geographical Impact:

The continuous and precise OSINT(Open Source Intelligence) work on the platform, performed as a follow-up action to data scraping, allows a complete view of the geography of cyber attacks based on their claims. The northwestern region of the world appears to be the most severely affected by Threat Actor groups. The figure below clearly illustrates the effects of this geographic representation on the map.

Ransomware Threat Trends in India:

In 2024, the research identified 98 ransomware incidents impacting various sectors in India, marking a 55% increase compared to the 63 incidents reported in 2023. This surge highlights a concerning trend, as ransomware groups continue to target India's critical sectors due to its growing digital infrastructure and economic prominence.

Top Threat Actors Group Targeted India:

Among the following threat actors ‘killsec’ is the most frequent threat. ‘lockbit3’  follows as the second most prominent threat, with significant but lower activity than killsec. Other groups, such as ‘ransomhub’, ‘darkvault’, and ‘clop’, show moderate activity levels. Entities like ‘bianlian’, ‘apt73/bashe’, and ‘raworld’ have low frequencies, indicating limited activity. Groups such as ‘aps’ and ‘akira’ have the lowest representation, indicating minimal activity. The chart highlights a clear disparity in activity levels among these threats, emphasizing the need for targeted cybersecurity strategies.

Top Impacted Sectors in India:

The pie chart illustrates the distribution of incidents across various sectors, highlighting that the industrial sector is the most frequently targeted, accounting for 75% of the total incidents. This is followed by the healthcare sector, which represents 12% of the incidents, making it the second most affected. The finance sector accounts for 10% of the incidents, reflecting a moderate level of targeting. In contrast, the government sector experiences the least impact, with only 3% of the incidents, indicating minimal targeting compared to the other sectors. This distribution underscores the critical need for enhanced cybersecurity measures, particularly in the industrial sector, while also addressing vulnerabilities in healthcare, finance, and government domains.

Month Wise Incident Trends in India:

The chart indicates a fluctuating trend with notable peaks in May and October, suggesting potential periods of heightened activity or incidents during these months. The data starts at 5 in January and drops to its lowest point, 2, in February. It then gradually increases to 6 in March and April, followed by a sharp rise to 14 in May. After peaking in May, the metric significantly declines to 4 in June but starts to rise again, reaching 7 in July and 8 in August. September sees a slight dip to 5 before the metric spikes dramatically to its highest value, 24, in October. Following this peak, the count decreases to 10 in November and then drops further to 7 in December.

CyberPeace Advisory:

1. Implement Data Backup and Recovery Plans: Backups are your safety net. Regularly saving copies of your important data ensures you can bounce back quickly if ransomware strikes. Make sure these backups are stored securely—either offline or in a trusted cloud service—to avoid losing valuable information or facing extended downtime.  
2. Enhance Employee Awareness and Training: People often unintentionally open the door to ransomware. By training your team to spot phishing emails, social engineering tricks, and other scams, you empower them to be your first line of defense against attacks.  
3. Adopt Multi-Factor Authentication (MFA): Think of MFA as locking your door and adding a deadbolt. Even if attackers get hold of your password, they’ll still need that second layer of verification to break in. It’s an easy and powerful way to block unauthorized access.  
4. Utilize Advanced Threat Detection Tools: Smart tools can make a world of difference. AI-powered systems and behavior-based monitoring can catch ransomware activity early, giving you a chance to stop it in its tracks before it causes real damage.  
5. Conduct Regular Vulnerability Assessments: You can’t fix what you don’t know is broken. Regularly checking for vulnerabilities in your systems helps you identify weak spots. By addressing these issues proactively, you can stay one step ahead of attackers.

 ‍

Conclusion:

The 2024 ransomware landscape reveals the critical need for proactive cybersecurity strategies. High-value sectors and technologically advanced regions remain the primary targets, emphasizing the importance of robust defenses. As we move into 2025, it is crucial to anticipate the evolution of ransomware tactics and adopt forward-looking measures to address emerging threats. 

Global collaboration, continuous innovation in cybersecurity technologies, and adaptive strategies will be imperative to counteract the persistent and evolving threats posed by ransomware activities. Organizations and governments must prioritize preparedness and resilience, ensuring that lessons learned in 2024 are applied to strengthen defenses and minimize vulnerabilities in the year ahead.

‍

‍

Introduction 

India envisions reaching its goal of becoming Viksit Bharat by 2047. With a net-zero emissions target by 2070, it has already reduced GDP emission intensity by 36% (from 2005 to 2020) and is working towards a 45% reduction goal by 2030. This will help the country achieve economic growth while minimizing environmental impact, ensuring sustainable development for the future. The 2025 Union Budget prioritises energy security, clean energy expansion, and green tech manufacturing. Furthermore, India’s promotion of sustainability policies in startups, MSMEs, and clean tech shows its commitment to COP28 and SDGs. India’s key policy developments for sustainability and energy efficiency include the Energy Conservation Act (2022), PAT scheme, S&L scheme, and the Energy Conservation Building Code, driving decarbonization, energy efficiency, and a sustainable future.

India’s Policy and Regulatory Landscape 

The Indian law of Energy Conservation (Amendment) Act which was enacted in 2022 aims at enhancing energy efficiency while ensuring economic growth. It works on the aim of reducing emission intensity by 2030. The Act tackles regulatory, financial, and awareness barriers to promote energy-saving technologies. Next, the Perform, Achieve, and Trade (PAT) Scheme improves cost-effective energy efficiency in energy-intensive industries through tradable energy-saving certificates. Adding on, the PLI Scheme boosts green manufacturing by attracting investments, both domestically and internationally. The Bureau of Energy Efficiency (BEE) enforces Minimum Energy Performance Standards (MEPS) and star ratings for appliances, guiding consumers toward energy-efficient choices. These initiatives collectively drive carbon reduction and sustainable energy use in India.

Growth of Energy-Efficient Technologies 

India has been making massive strides in its integration of renewable energy, such as solar and wind energies, mainly due to improvements in storage technologies. Another key development is the real-time optimization of energy usage through smart grids and AI-driven energy management. The EV and green mobility boom has been charged through by the rapid expansion of charging infrastructure and the policy interventions to support the shift. The building of green building codes and IoT-driven energy management has led to building efficiency, and finally, the efforts for industrial energy optimisation have been met through AI/ML-driven demand-side management in heavy industries. 

Market Trends, Investment, and Industry Adoption 

The World Energy Investment Report 2024 (IEA) projects global energy investment to surpass $3 trillion, with $2 trillion allocated to clean energy. India’s clean energy investment reached $68 billion in 2023, a 40%+ rise from 2016-2020, with nearly 50% directed toward low-emission power, including solar PV. Investment is set to double by 2030 but needs a 20% further rise to meet climate goals.

India’s ESG push is driven by Net Zero 2070, SEBI’s BRSR mandates, and UN SDGs, with rising scrutiny on corporate governance. ESG-aligned investments are expanding, reinforcing sustainability. Meanwhile, energy efficiency in manufacturing minimizes waste and environmental impact, while digital transformation in energy management boosts renewable integration, grid reliability, and cost efficiency, ensuring a sustainable energy transition.

The Way Forward 

There are multiple implementation bottlenecks present for the active policies which include infrastructure paucity, financing issues and even the on-ground implementational challenges of the active policies. To combat these issues India needs to adopt measures for promoting public-private partnerships to scale energy-efficient solutions. Incentives for industries to adopt green technologies should be strengthened (tax exemptions and subsidies for specific periods), with increased R&D support and regulatory sandboxes to encourage adoption. Finally, the role of industries, policymakers and consumers needs to be in tandem to accelerate the efforts made towards a sustainable and green future for India. Emerging technologies play an important in bridging gaps and aim towards the adoption of global best practices for India.

References

• https://instituteofsustainabilitystudies.com/insights/lexicon/green-technologies-innovations-opportunities-challenges/
• https://powermin.gov.in/sites/default/files/The_Energy_Conservation_Amendment_Act_2022_0.pdf‍
• https://www.ibef.org/blogs/esg-investing-in-india-navigating-environmental-social-and-governance-factors-for-sustainable-growth