CERT-In warns AI is ‘significantly transforming cybersecurity landscape,’ urges faster response to threats
India’s cybersecurity agency CERT-In warned that AI technologies, including generative AI and LLMs, are being exploited by cybercriminals to accelerate attacks, urging organizations to adopt stricter vulnerability patching timelines and enhance security measures. The agency’s blueprint recommends immediate risk reduction steps, such as enforcing multi-factor authentication, and a phased plan to upgrade cybersecurity defenses over 60 days.
India’s national cybersecurity agency, CERT-In, has issued a warning that artificial intelligence is rapidly reshaping the cyber threat landscape. The agency’s latest blueprint highlights how generative AI, large language models (LLMs), autonomous agents, and AI-driven automation tools are being used by cybercriminals to speed up reconnaissance, automate vulnerability detection, create targeted phishing campaigns, and develop adaptive malware. These advancements are reducing the time attackers need to exploit weaknesses in systems, exposed services, and insecure APIs, increasing risks across interconnected digital infrastructure. CERT-In has set strict patching timelines for organizations, requiring critical flaws in internet-facing systems to be fixed within 12 hours and high-risk vulnerabilities to be addressed within one to five days. If patches are unavailable, affected systems must be isolated, access restricted, and monitoring strengthened. The agency also recommends adopting frameworks like Software Bill of Materials (SBOM), AI Bill of Materials (AIBOM), and Cryptographic Bill of Materials (CBOM) to identify software dependencies and mitigate risks from third-party technologies and AI tools. The blueprint emphasizes the dangers of unchecked public AI platforms and LLMs, urging organizations to move beyond traditional perimeter-based security. It outlines a three-phase implementation plan: the first phase involves immediate risk reduction, including enforcing multi-factor authentication within a week. The second phase focuses on strengthening operations and upgrading Security Operations Centres (SOCs) within 8-30 days. The final phase, spanning 31-60 days, includes advanced resilience testing and red team simulations to prepare for evolving AI-driven threats. Organizations are also required to report cyber incidents within six hours. CERT-In stresses the need for adaptive, resilience-focused cybersecurity strategies to counter the escalating sophistication of AI-powered cyber exploitation.
This content was automatically generated and/or translated by AI. It may contain inaccuracies. Please refer to the original sources for verification.