The Indian Computer Emergency Response Team (CERT-In) has released new rules. Organizations must fix serious security problems in online systems within 12 hours if possible. This is to protect against threats from bad actors using artificial intelligence (AI) tools and large language models (LLMs) to find and exploit vulnerabilities quickly and on a larger scale.
“AI-assisted cyber exploitation reduces the time required for adversaries to identify, weaponize, and exploit vulnerabilities, exposed services, weak identities, insecure APIs, and misconfigured systems,” CERT-In said in a 38-page blueprint published Monday.
“As organizations become increasingly dependent on interconnected digital infrastructure, cloud ecosystems, software supply chains, operational technologies, and AI-enabled platforms, the potential impact of AI-enabled cyber threats continues to increase across sectors.”
With threat actors starting to use AI for many tasks, like finding attack points, analyzing exploits, creating convincing phishing messages, and even making malware, they can shorten the time needed to prepare for attacks and get around traditional security measures.
AI systems can also be attacked in harmful ways. This includes prompt injections, data leaks, jailbreaking, changing models, poisoning training data, stealing models, and breaking into their processes. These actions can harm the safety and trustworthiness of these systems.
CERT-In has warned that organizations should prepare for attacks that unfold much faster and run autonomously. This means they need to adopt stronger cybersecurity measures, including ongoing threat checks, early risk reduction, and readiness to respond.
The agency's recommendations for protecting against AI-related cyber threats are listed below:
Assume breach and prepare for rapid detection, containment, and recovery from compromise scenarios.
Adopt a Zero Trust approach by enforcing continuous verification and least-privilege access.
Implement a defense-in-depth strategy with layered controls across infrastructure to eliminate single points of failure and minimize the overall impact of a successful breach.
Monitor and reduce exposure to security vulnerabilities.
Embed a secure-by-design paradigm into systems, applications, and AI workflows.
Maintain operational continuity during cyber incidents and disruption scenarios.
Safeguard sensitive and operationally critical data throughout its lifecycle.
Reduce software supply chain risks arising from third-party software, AI models, and dependencies through SBOM, provenance validation, and assessments.
Test security effectiveness against evolving threats through red teaming, vulnerability assessments, penetration testing, and independent audits.
Prioritize controls based on operational criticality and threat exposure.
Establish formal governance mechanisms regarding the use of AI systems.
Maintain visibility into AI systems, integrations, and operational behavior.
“Organizations should implement layered, risk-based, and continuously validated technical controls to reduce exposure to AI-assisted cyber threats,” CERT-In said. “Controls should prioritise protection of internet-facing systems, critical business applications, identities, cloud environments, APIs, sensitive data, AI-enabled systems, and operational infrastructure.”
The agency is asking organizations to use “ongoing, risk-focused ways to manage vulnerabilities and patches” to lower risks from security issues, misconfigurations, insecure APIs, publicly exposed services, and weak identities. It says that known problems affecting important systems that are online should be fixed within 12 hours if possible.
Other risk-based remediation times are as follows:
Critical externally exposed vulnerabilities: Within 1 day
Known exploited vulnerabilities affecting internal systems: Within 1 day unless other mitigations are implemented and documented
Critical internal vulnerabilities affecting high-value systems: Within 3 days
High-severity vulnerabilities: Within 5 days based on risk prioritization
In situations where patches are not ready, it is best to use temporary solutions like isolating systems, limiting access, using WAF/API protection, increasing monitoring, or turning off features until the fix is out.
“Given the rapidly evolving nature of AI-assisted cyber threats, organisations should continuously reassess exposure, validate security controls, strengthen resilience capabilities, and enhance operational preparedness through ongoing audits, monitoring, testing, and coordinated cybersecurity governance,” CERT-In said.
The plan comes a month after CERT-In warned about the increasing hacking abilities of advanced AI models from Anthropic and OpenAI. It said these models could help bad actors by making it easier for them to attack, automate their attacks, and grow their cyber campaigns.
“Keeping pace with frontier AI-driven cyber developments is critical for maintaining cyber resilience,” it added. “Baseline cybersecurity controls remain critical and should be rigorously enforced.”
InfoSecBulletin Cybersecurity for mankind
