
The Computer Emergency Response Team of India (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours of being flagged, to protect against potential threats arising from threat actors' misuse of artificial intelligence (AI) tools and large language models (LLMs) to automate vulnerability discovery and exploitation and to enhance the scale and speed of cyber-attacks.
“AI-assisted cyber exploits reduce the time needed for attackers to identify, weaponize, and exploit vulnerabilities, exposed services, weak identities, insecure APIs, and misconfigurations,” CERT-In said in a 38-page blueprint published Monday.
“The potential impact of AI-enabled cyber threats continues to grow across sectors as organizations become increasingly reliant on interconnected digital infrastructure, cloud ecosystems, software supply chains, operational technologies, and AI-enabled platforms.”
Attackers are increasingly relying on AI for a wide range of tasks, including attack surface discovery, exploit analysis, convincing phishing content, and even malware generation, which can significantly compress attack preparation timelines and bypass traditional security controls.
Moreover, AI-enabled systems themselves can become targets of malicious attacks such as prompt injections, data leak vulnerabilities, jailbreaking techniques, model manipulation, training data poisoning, model theft, and orchestration pipeline compromises, effectively compromising their confidentiality and integrity.
CERT-In warns that organizations should expect exploitation timelines to collapse significantly and attacks to become autonomous, requiring the adoption of advanced cybersecurity measures including continuous threat assessment, proactive risk mitigation, and operational preparedness.
Below are some of the defensive principles outlined by the cybersecurity agency to reduce risk and respond appropriately to AI-assisted cyber threats.
- Anticipate a breach and prepare for rapid detection, containment, and recovery from breach scenarios.
- Adopt a zero trust approach by enforcing continuous verification and least privilege access.
- Implement a defense-in-depth strategy with layered controls across your infrastructure to eliminate single points of failure and minimize the overall impact of a successful breach.
- Monitor security vulnerabilities and reduce their risks.
- Incorporate secure-by-design paradigms into your systems, applications, and AI workflows.
- Maintain continuity of operations even during cyber incidents and disruption scenarios.
- Protect sensitive and operationally critical data throughout its lifecycle.
- Reduce software supply chain risks from third-party software, AI models, and dependencies through SBOM, provenance verification, and assessment.
- Test the effectiveness of your security against evolving threats through red teams, vulnerability assessments, penetration testing, and independent audits.
- Prioritize controls based on operational importance and threat exposure.
- Establish formal governance mechanisms for the use of AI systems.
- Maintain visibility into AI systems, integrations, and operations.
“Organizations need to implement multi-layered, risk-based, continuously validated technology controls to reduce exposure to AI-assisted cyber threats,” CERT-In said. “Management must prioritize the protection of internet-connected systems, critical business applications, identities, cloud environments, APIs, sensitive data, AI-enabled systems, and operational infrastructure.”
The agency also urges organizations to adopt “ongoing risk-based vulnerability and patch management practices” to reduce risks arising from security flaws, misconfigurations, insecure APIs, publicly accessible services, and weak identities. To that end, known exploited vulnerabilities affecting critical internet-facing systems must be remediated within 12 hours, if applicable.
Other risk-based remediation times include:
- Externally exposed critical vulnerabilities: within 1 day
- Known exploited vulnerabilities affecting internal systems: within 1 day unless other mitigations are implemented and documented
- Critical internal vulnerabilities affecting high-value systems: within 3 days
- High-severity vulnerabilities: within 5 days based on risk prioritization
In scenarios where patches are not readily available, the agency recommends implementing temporary mitigations such as isolation, access restrictions, WAF/API protection, increased monitoring, and feature disabling until a fix is released.
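The remediation windows listed above can be turned into a deadline check over a findings export. The following is an added example, not code from CERT-In's blueprint or the original article. It assumes hypothetical `Finding` fields, that the clock starts when the issue is flagged, that the tightest matching window wins, and that an internal known exploited vulnerability with a documented mitigation falls back to the severity-based windows.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

@dataclass
class Finding:                    # field names are assumptions for this example
    vuln_id: str                  # placeholder IDs, not real CVE numbers
    severity: str                 # "critical", "high", "medium", ...
    known_exploited: bool
    internet_facing: bool
    critical_system: bool         # critical / high-value asset
    mitigation_documented: bool
    flagged_at: datetime

def remediation_window(f: Finding) -> Optional[timedelta]:
    """Tightest window from the article's list that applies, or None."""
    w = []
    if f.known_exploited and f.internet_facing and f.critical_system:
        w.append(timedelta(hours=12))
    if f.severity == "critical" and f.internet_facing:
        w.append(timedelta(days=1))
    # Internal KEV: 1 day unless a mitigation is implemented and documented.
    if f.known_exploited and not f.internet_facing and not f.mitigation_documented:
        w.append(timedelta(days=1))
    if f.severity == "critical" and not f.internet_facing and f.critical_system:
        w.append(timedelta(days=3))
    if f.severity == "high":
        w.append(timedelta(days=5))
    return min(w) if w else None

def overdue(findings, now):
    """(vuln_id, time past deadline) for every breached window, worst first."""
    late = []
    for f in findings:
        window = remediation_window(f)
        if window is not None and now > f.flagged_at + window:
            late.append((f.vuln_id, now - (f.flagged_at + window)))
    return sorted(late, key=lambda item: item[1], reverse=True)

# Constructed sample data: (id, severity, KEV, exposed, critical, mitigated, age in hours)
NOW = datetime(2025, 1, 10, 12, 0, tzinfo=timezone.utc)
def _f(vid, sev, kev, ext, crit, mit, age_hours):
    return Finding(vid, sev, kev, ext, crit, mit, NOW - timedelta(hours=age_hours))
FINDINGS = [
    _f("VULN-A", "critical", True, True, True, False, 13),
    _f("VULN-B", "critical", False, True, False, False, 20),
    _f("VULN-C", "high", True, False, False, True, 48),
    _f("VULN-D", "critical", False, False, True, False, 96),
    _f("VULN-E", "medium", False, False, False, False, 240),
]
```

Calling `overdue(FINDINGS, NOW)` on the constructed data reports VULN-D (past its 3-day window) and VULN-A (past its 12-hour window).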
“Given the rapidly evolving nature of AI-assisted cyber threats, organizations must continually reassess exposures, validate security controls, strengthen resiliency capabilities, and enhance operational readiness through continuous auditing, monitoring, testing, and aligned cybersecurity governance,” CERT-In said.
The blueprint arrives a month after CERT-In issued an advisory warning regarding the growing cyber capabilities of Anthropic's and OpenAI's frontier AI models, noting how their “dual-use nature” “lowers barriers to entry for malicious cyber attackers and could be used to accelerate attack execution, automate exploit workflows, and scale cyber campaigns.”
“Aligning with cutting-edge AI-driven cyber developments is critical to maintaining cyber resilience,” it added. “Fundamental cybersecurity controls remain important and must be rigorously enforced.”
