CERT-In Urges Organizations to Patch Critical Vulnerabilities Within 12 Hours Amid Rising AI-Driven Cyber Threats


India’s Computer Emergency Response Team (CERT-In) has unveiled a comprehensive cybersecurity framework aimed at enhancing the resilience of organizations against evolving cyber threats. The new guidelines emphasize the urgent need for organizations to address critical security vulnerabilities in internet-facing systems within 12 hours of detection, where feasible. This initiative comes in response to escalating concerns regarding the use of artificial intelligence (AI) tools and large language models (LLMs) by cybercriminals to expedite attacks and automate exploit development.

The 38-page blueprint, released on Monday, reflects the growing apprehension surrounding AI-assisted cyber exploitation. CERT-In highlights that the rapid adoption of AI and LLMs by malicious actors is significantly reducing the time between the identification of security vulnerabilities and their exploitation.

“AI-assisted cyber exploitation reduces the time required for adversaries to identify, weaponize, and exploit vulnerabilities, exposed services, weak identities, insecure APIs, and misconfigured systems,” CERT-In stated in the document.

AI and LLMs Are Reshaping Cyber Attack Timelines

CERT-In has issued a stark warning that as organizations increasingly rely on cloud ecosystems, interconnected infrastructure, operational technology, software supply chains, and AI-enabled platforms, the risks associated with AI-driven attacks are escalating across various sectors. The agency noted that attackers are leveraging AI and LLMs for a wide array of malicious activities, including attack surface mapping, exploit analysis, phishing campaigns, malware creation, and automated reconnaissance. This technological advantage allows attackers to compress traditional attack preparation timelines and bypass conventional security measures.

The blueprint also underscores that AI-enabled environments themselves can become targets. Threat actors may exploit vulnerabilities through prompt injection attacks, model manipulation, data leakage, training data poisoning, and orchestration pipeline compromises. Such attacks can severely undermine the confidentiality, integrity, and reliability of AI systems.

According to CERT-In, organizations must prepare for a future where cyberattacks become increasingly autonomous, and exploitation timelines continue to collapse due to advancements in AI and LLMs. This shift necessitates enhanced operational readiness, proactive patching strategies, continuous threat assessment, and aggressive exposure reduction practices.

CERT-In Calls for Stronger Defenses Against Security Vulnerabilities

To combat AI-assisted attacks and mitigate exposure to security vulnerabilities, CERT-In has outlined several defensive principles that organizations should adopt. One of the key recommendations is the assumption that breaches are inevitable. Organizations are encouraged to prepare for rapid detection, containment, and recovery during compromise scenarios. The framework advocates for the adoption of Zero Trust security models that enforce continuous verification and least-privilege access controls.

CERT-In further recommends implementing defense-in-depth strategies, which involve layered protections across infrastructure to minimize the impact of successful breaches and eliminate single points of failure. Continuous monitoring and remediation of security vulnerabilities are emphasized, along with integrating secure-by-design practices into applications, infrastructure, and AI workflows.

The framework also advises organizations to maintain operational continuity during cyber incidents and ensure the protection of sensitive and operationally critical data throughout its lifecycle. A significant focus area is software supply chain security, with CERT-In urging enterprises to mitigate risks associated with third-party software, AI models, and dependencies through Software Bills of Materials (SBOMs), provenance validation, and security assessments.

To assess the effectiveness of cybersecurity controls, the agency recommends regular red teaming exercises, vulnerability assessments, penetration testing, and independent audits. Organizations are advised to prioritize controls based on operational importance and threat exposure while establishing formal governance frameworks for AI usage and maintaining visibility into AI systems and integrations.

“Organizations should implement layered, risk-based, and continuously validated technical controls to reduce exposure to AI-assisted cyber threats,” CERT-In stated. “Controls should prioritize protection of internet-facing systems, critical business applications, identities, cloud environments, APIs, sensitive data, AI-enabled systems, and operational infrastructure.”

New Patching Deadlines Introduced for Critical Flaws

A critical component of the blueprint focuses on vulnerability management and patching timelines. CERT-In urges organizations to adopt continuous, risk-based vulnerability and patch management practices to mitigate risks associated with security vulnerabilities, insecure APIs, misconfigurations, publicly exposed services, and weak identities.

Under the new recommendations, known exploited vulnerabilities affecting internet-facing and critical systems should be remediated within 12 hours whenever applicable. The agency has also introduced additional remediation timelines based on severity and exposure levels. Critical externally exposed vulnerabilities should be addressed within one day, while known exploited vulnerabilities impacting internal systems should also be remediated within one day unless alternative mitigation measures are documented. Critical internal vulnerabilities affecting high-value systems should be patched within three days, while high-severity vulnerabilities should be resolved within five days based on risk prioritization.

CERT-In acknowledges that immediate patching may not always be feasible. In cases where fixes are unavailable, the agency advises organizations to deploy temporary mitigations such as system isolation, restricted access controls, web application firewalls (WAF), enhanced monitoring, and feature disablement until official patches are released.

The new recommendations reflect a growing global concern regarding the role of AI and LLMs in modern cyber warfare. As threat actors continue to automate the discovery and exploitation of security vulnerabilities, cybersecurity agencies and enterprises face increasing pressure to strengthen patching practices, reduce exposure windows, and enhance resilience against rapidly evolving digital threats.

Source: thecyberexpress.com
