CERT-In warns of AI-driven cyber attack risks

New Delhi: India’s cybersecurity agency, Indian Computer Emergency Response Team (CERT-In), has issued a high-severity advisory warning that artificial intelligence (AI) is increasingly being used to power sophisticated cyberattacks targeting organisations, MSMEs, and individuals.

The agency said rapidly evolving AI systems are enabling attackers to automate complex operations, identify vulnerabilities, and execute attacks at an unprecedented scale and speed, significantly raising cybersecurity risks across sectors.

AI accelerating cyber threats

According to CERT-In, advanced AI tools can scan large and complex software ecosystems to detect both known and zero-day vulnerabilities. These tools can also generate exploit methods, allowing attackers to quickly act on identified weaknesses.

The advisory highlighted that AI-driven systems can automate reconnaissance across internet-facing infrastructure, including APIs, cloud platforms, and enterprise networks. This enables cybercriminals to map systems and identify entry points much faster than traditional methods.

Rise of phishing, deepfakes and impersonation

CERT-In warned of a surge in AI-powered phishing and impersonation attacks. Cybercriminals can now generate highly realistic and personalised messages, often in multiple languages, making it harder for users to detect fraud.

The agency also flagged the growing threat of deepfake-based scams, where AI is used to mimic voices or create convincing fake videos to deceive individuals and organisations.

Additionally, attackers are increasingly deploying automated credential harvesting techniques and multi-stage attacks. These involve breaching a system, expanding access across networks, and maintaining control in a coordinated manner.

Potential risks and impact

The advisory noted that AI is lowering the barrier for cybercrime, enabling even less-skilled actors to launch advanced attacks. This could lead to rapid exploitation of vulnerabilities and large-scale social engineering campaigns.

Potential consequences include unauthorised access to systems, service disruptions, data breaches, identity theft, and financial fraud. CERT-In also warned of cascading effects, where a single breach could impact interconnected systems and critical infrastructure.

Recommendations for organisations

To counter these threats, CERT-In has urged organisations to adopt stronger cybersecurity practices. It recommended implementing a Zero Trust security model, which assumes no user or system is automatically trusted.

Organisations have been advised to enforce multi-factor authentication (MFA), segment networks, and limit access based on necessity. Strengthening monitoring systems and reducing exposure of critical infrastructure were also highlighted as key measures.

The agency stressed the importance of faster patching, especially for internet-facing systems, and encouraged automation in vulnerability detection and management. Regular employee training and cybersecurity drills were also recommended to improve preparedness.

Guidance for MSMEs and individuals

For MSMEs, CERT-In suggested enabling automatic software updates, using managed security services, and maintaining secure data backups. Businesses were also advised to avoid using unverified AI tools and to monitor systems for unusual activity.

Individuals have been urged to adopt basic cyber hygiene practices such as using strong passwords and enabling MFA. The advisory emphasised caution while dealing with suspicious messages, emails, or links, and encouraged users to verify communications before sharing sensitive information.

Conclusion

CERT-In’s advisory underscores the dual nature of AI as both a defensive and offensive tool in cybersecurity. While AI can enhance security measures, its misuse is accelerating cyber risks. The agency has called for continuous vigilance, proactive measures, and updated security practices to stay ahead of evolving AI-driven threats.