New Delhi, May 26 (IANS) India’s cyber security agency CERT-In has warned that the rapid adoption of artificial intelligence is dramatically reshaping the global cybersecurity landscape, with cybercriminals increasingly using advanced AI tools to launch faster, more sophisticated attacks.

In its latest cybersecurity blueprint, CERT-In said technologies such as generative AI, large language models (LLMs), autonomous agents and AI-powered automation platforms are now being actively exploited by attackers to accelerate reconnaissance, automate vulnerability detection, create targeted phishing campaigns and develop adaptive malware capable of evading traditional security systems.

According to the agency, AI-enabled cyber exploitation has significantly reduced the time required for attackers to identify weaknesses in digital infrastructure, including exposed services, insecure APIs and weak digital identities.

“As organisations become increasingly dependent on interconnected digital infrastructure, cloud ecosystems, software supply chains, operational technologies, and AI-enabled platforms, the potential impact of AI-enabled cyber threats continues to increase across sectors,” the blueprint stated.

The agency cautioned that traditional perimeter-based cybersecurity strategies are no longer sufficient in the evolving threat environment and urged organisations to adopt a more adaptive and resilience-driven security framework.

CERT-In advised companies to regularly scan their systems, continuously monitor internet-facing assets, review cloud and API environments and ensure vulnerabilities are fully patched after detection.

It also recommended that organisations prioritise security risks based on their severity and exploitability, especially if they impact critical infrastructure or publicly accessible systems.

The cybersecurity watchdog further proposed strict timelines for addressing vulnerabilities. Critical flaws affecting important or internet-facing systems should ideally be patched within 12 hours, while other high-risk vulnerabilities should be resolved within one to five days depending on the level of risk.

In situations where patches are unavailable, CERT-In suggested temporarily isolating affected systems, restricting access and strengthening monitoring mechanisms to minimise the risk of compromise.

The agency also highlighted growing concerns around software and digital supply chain vulnerabilities.

To improve transparency and security, CERT-In recommended frameworks such as Software Bill of Materials (SBOM), AI Bill of Materials (AIBOM), Quantum Bill of Materials (QBOM) and Cryptographic Bill of Materials (CBOM).

According to the blueprint, these frameworks can help organisations identify software dependencies, verify trusted sources and reduce risks associated with third-party technologies and AI-based tools.

–IANS

pk