What is the story about?
India’s top cybersecurity agency has sounded the alarm over a new generation of AI-assisted cyber threats, warning that advances in artificial intelligence are dramatically reducing the time organisations have to detect, respond to and contain attacks.
In a newly released 38-page blueprint, the Indian Computer Emergency Response Team (CERT-In) warned that conventional cybersecurity practices may no longer be enough in an era where AI tools can automate vulnerability discovery, accelerate phishing campaigns and execute sophisticated attacks at unprecedented speed.
The document, titled Blueprint for Reducing Exposure and Defending against AI-Assisted Vulnerabilities Exploitation in Digital Infrastructure, lays out a sweeping set of recommendations for organisations across sectors. These include aggressive patching timelines, continuous monitoring, zero-trust security frameworks and the adoption of AI-powered defensive systems.
The advisory arrives amid growing concern globally that advanced AI models could soon enable cyber criminals to discover and exploit software weaknesses far faster than human attackers ever could.
According to CERT-In, artificial intelligence is fundamentally changing how cyber attacks are conducted. The agency warned that threat actors are increasingly using generative AI, large language models, autonomous agents and automation platforms to scale attacks and shorten exploitation windows.
Tasks that once required highly skilled hackers and weeks of preparation can now potentially be executed in hours or even minutes with AI assistance. CERT-In said organisations should prepare for a future where cyber attacks become faster, more adaptive and increasingly automated.
Among the key risks identified are AI-driven reconnaissance, automated vulnerability scanning, adaptive malware, AI-generated phishing campaigns and deepfake-enabled fraud. The agency warned that highly personalised phishing attacks, executive impersonation schemes and AI-generated social engineering campaigns are likely to become far more convincing and difficult to detect.
The blueprint also highlighted the growing risk posed by autonomous AI agents capable of carrying out semi-automated or fully automated cyber operations across multiple stages of an attack chain. These systems could potentially handle reconnaissance, privilege escalation, lateral movement and data exfiltration with minimal human involvement.
CERT-In additionally warned that organisations deploying AI systems could themselves become targets through prompt injection attacks, AI model manipulation, training data poisoning and theft of proprietary AI models.
One of the most striking recommendations in the framework is the compressed timeline for responding to vulnerabilities.
CERT-In has advised organisations to patch known vulnerabilities affecting internet-facing and “crown jewel” systems within 12 hours wherever feasible. Critical externally exposed vulnerabilities should be addressed within 24 hours, while high-severity flaws affecting important systems should be mitigated within three to five days depending on exposure levels.
The agency stressed that periodic audits and reactive responses are no longer sufficient in an AI-driven threat environment. Traditional perimeter-based security strategies, it warned, cannot adequately defend against attackers using adaptive AI tools capable of rapidly changing techniques.
CERT-In also reiterated its existing requirement that cyber incidents must be reported within six hours of detection.
Although the blueprint itself does not create new legal obligations, it strongly encourages organisations to rethink how they approach cybersecurity preparedness.
To strengthen resilience, CERT-In has urged organisations to adopt “assume breach” strategies focused on rapid detection, containment and recovery rather than relying solely on prevention.
The framework recommends broader adoption of zero-trust security principles, including multi-factor authentication, privileged access management, micro-segmentation, conditional access systems and continuous session monitoring.
The agency also pushed for stronger protections against software supply chain attacks through the adoption of Software Bills of Materials (SBOMs) and related frameworks designed to improve visibility into software dependencies, AI components and cryptographic systems.
Continuous security assessments, red teaming exercises and adversarial simulations were also highlighted as essential measures. CERT-In suggested organisations should increasingly conduct resilience testing through empanelled cybersecurity auditors to evaluate preparedness against AI-enabled threats.
The blueprint comes amid heightened concern within the Indian government over the cybersecurity implications of rapidly advancing AI systems. Recent high-level discussions involving Finance Minister Nirmala Sitharaman reportedly examined the possible risks that advanced AI vulnerability discovery tools could pose to India’s banking and financial infrastructure.
CERT-In’s warning is clear: the age of slow-moving cyber attacks may be ending, and organisations that fail to adapt quickly could find themselves dangerously exposed in an AI-driven threat landscape.
In a newly released 38-page blueprint, the Indian Computer Emergency Response Team (CERT-In) warned that conventional cybersecurity practices may no longer be enough in an era where AI tools can automate vulnerability discovery, accelerate phishing campaigns and execute sophisticated attacks at unprecedented speed.
The document, titled Blueprint for Reducing Exposure and Defending against AI-Assisted Vulnerabilities Exploitation in Digital Infrastructure, lays out a sweeping set of recommendations for organisations across sectors. These include aggressive patching timelines, continuous monitoring, zero-trust security frameworks and the adoption of AI-powered defensive systems.
The advisory arrives amid growing concern globally that advanced AI models could soon enable cyber criminals to discover and exploit software weaknesses far faster than human attackers ever could.
AI is accelerating the cyber threat landscape
According to CERT-In, artificial intelligence is fundamentally changing how cyber attacks are conducted. The agency warned that threat actors are increasingly using generative AI, large language models, autonomous agents and automation platforms to scale attacks and shorten exploitation windows.
Tasks that once required highly skilled hackers and weeks of preparation can now potentially be executed in hours or even minutes with AI assistance. CERT-In said organisations should prepare for a future where cyber attacks become faster, more adaptive and increasingly automated.
Among the key risks identified are AI-driven reconnaissance, automated vulnerability scanning, adaptive malware, AI-generated phishing campaigns and deepfake-enabled fraud. The agency warned that highly personalised phishing attacks, executive impersonation schemes and AI-generated social engineering campaigns are likely to become far more convincing and difficult to detect.
The blueprint also highlighted the growing risk posed by autonomous AI agents capable of carrying out semi-automated or fully automated cyber operations across multiple stages of an attack chain. These systems could potentially handle reconnaissance, privilege escalation, lateral movement and data exfiltration with minimal human involvement.
CERT-In additionally warned that organisations deploying AI systems could themselves become targets through prompt injection attacks, AI model manipulation, training data poisoning and theft of proprietary AI models.
Critical vulnerabilities must be patched within hours
One of the most striking recommendations in the framework is the compressed timeline for responding to vulnerabilities.
CERT-In has advised organisations to patch known vulnerabilities affecting internet-facing and “crown jewel” systems within 12 hours wherever feasible. Critical externally exposed vulnerabilities should be addressed within 24 hours, while high-severity flaws affecting important systems should be mitigated within three to five days depending on exposure levels.
The agency stressed that periodic audits and reactive responses are no longer sufficient in an AI-driven threat environment. Traditional perimeter-based security strategies, it warned, cannot adequately defend against attackers using adaptive AI tools capable of rapidly changing techniques.
CERT-In also reiterated its existing requirement that cyber incidents must be reported within six hours of detection.
Although the blueprint itself does not create new legal obligations, it strongly encourages organisations to rethink how they approach cybersecurity preparedness.
Zero trust, AI defence and continuous audits
To strengthen resilience, CERT-In has urged organisations to adopt “assume breach” strategies focused on rapid detection, containment and recovery rather than relying solely on prevention.
The framework recommends broader adoption of zero-trust security principles, including multi-factor authentication, privileged access management, micro-segmentation, conditional access systems and continuous session monitoring.
The agency also pushed for stronger protections against software supply chain attacks through the adoption of Software Bills of Materials (SBOMs) and related frameworks designed to improve visibility into software dependencies, AI components and cryptographic systems.
Continuous security assessments, red teaming exercises and adversarial simulations were also highlighted as essential measures. CERT-In suggested organisations should increasingly conduct resilience testing through empanelled cybersecurity auditors to evaluate preparedness against AI-enabled threats.
The blueprint comes amid heightened concern within the Indian government over the cybersecurity implications of rapidly advancing AI systems. Recent high-level discussions involving Finance Minister Nirmala Sitharaman reportedly examined the possible risks that advanced AI vulnerability discovery tools could pose to India’s banking and financial infrastructure.
CERT-In’s warning is clear: the age of slow-moving cyber attacks may be ending, and organisations that fail to adapt quickly could find themselves dangerously exposed in an AI-driven threat landscape.
