CERT-In Advisory Flags Growing AI Cyber Threats as Attackers Use Deepfakes and Zero-Day Exploits

India's national cybersecurity agency, the Indian Computer Emergency Response Team (CERT-In), has issued a high-level warning about the growing threat of AI-powered cyber attacks. The alert focuses on how advances in artificial intelligence are making cyberattacks faster, smarter, and more difficult to detect. According to CERT-In, AI systems can now execute tasks that previously required skilled cybersecurity personnel. Attackers can utilize AI to scan massive volumes of software code, uncover known and zero-day vulnerabilities, and even build exploit methods quickly after security flaws are publicly disclosed.

One of the most major concerns addressed in the alert is the development of AI-powered phishing attacks. Cybercriminals can now send convincing emails, SMS, voice calls, and deepfake videos in numerous languages. These scams can fool victims into disclosing passwords, banking information, or other sensitive data.

CERT-In also cautioned that AI can automate several stages of a cyberattack. It can gather information about internet-facing systems, find network flaws, steal credentials, and navigate across systems once access is granted. These capabilities enable attackers to conduct large-scale attacks in considerably less time.

To mitigate these threats, CERT-In advises enterprises to tighten their cybersecurity practices. Businesses should regularly monitor network activity, swiftly patch vulnerabilities, enable multi-factor authentication (MFA), and implement a Zero Trust security strategy. The agency also recommended network segmentation, secure backups, endpoint protection, and ongoing employee awareness training.

For MSMEs, CERT-In recommended practical steps such as activating automatic software upgrades, employing managed security services, verifying backups on a regular basis, and avoiding unverified AI tools in business settings. Individual users have been cautioned to exercise caution. CERT-In suggests using strong and unique passwords, activating multi-factor authentication, avoiding suspicious links and files, downloading applications only from trusted sources, and keeping devices up to date.

The advisory makes one thing clear that while artificial intelligence can improve cybersecurity, it can also be misused by cybercriminals. As AI cyber threats continue to evolve, organizations and individuals must adopt proactive security measures to stay protected. In today's digital world, cybersecurity is no longer optional. Staying informed, prepared, and alert is the best defense against the next generation of AI-powered attacks.

Information referenced in this article is from Money Control