India’s Computer Emergency Response Team (CERT-In) has issued a critical directive for organizations to patch high-risk vulnerabilities in internet-facing systems within 12 hours of detection. This urgent measure aims to counteract the growing threat of AI-assisted cyber attacks that have drastically shortened the window for exploitation.
AI-Driven Threat Landscape
The new guideline emerges in response to the increasing use of generative AI and autonomous agents by cybercriminals. These technologies enable attackers to automate processes such as reconnaissance and vulnerability exploitation, significantly accelerating attack timelines. As a result, organizations must act swiftly to patch vulnerabilities to prevent breaches.
The “Blueprint for Reducing Exposure and Defending against AI-Assisted Vulnerabilities Exploitation in Digital Infrastructure” highlights that sectors like government, banking, telecom, healthcare, and digital infrastructure are especially vulnerable. These industries must prioritize patching to safeguard their critical systems from sophisticated AI-driven threats.
Patching Timelines and Prioritization
CERT-In’s blueprint sets forth specific timelines for addressing vulnerabilities. For internet-facing systems already under active attack, organizations are expected to remediate the threat within 12 hours. Other critical vulnerabilities exposed externally should be patched within 24 hours, while organizations have up to three days to patch internal critical flaws on high-value systems.
This proactive approach is designed to minimize the window for attackers to exploit unpatched systems. CERT-In emphasizes that traditional methods like periodic assessments are inadequate against AI-enhanced threats. Continuous exposure management, including asset discovery and attack surface monitoring, is encouraged to maintain robust security.
Enhanced Security Measures
Beyond patching, the blueprint recommends implementing AI-aware governance and zero-trust principles. These include enforcing multi-factor authentication, least-privilege access controls, and micro-segmentation to limit potential damage from breaches.
Organizations are urged to modernize Security Operations Center (SOC) operations with AI for telemetry correlation and threat hunting. Additionally, training employees to recognize deepfake threats and AI-driven phishing attempts is advised to bolster defenses.
Entities must report cyber incidents to CERT-In within six hours, facilitating coordinated responses and intelligence sharing. The emphasis on rapid patching forms part of a broader strategy to enhance resilience against AI-driven cyber threats.
As AI continues to shape the cyber threat landscape, CERT-In’s mandate underscores the need for Indian organizations to adopt a proactive, continuous approach to security, treating exposure reduction as an integral part of their cybersecurity strategy.
