Write News

AI Hacking: Hackers Become More Dangerous Using AI; CERT-In Issues New Cybersecurity Guidelines

Posted on 27th May 2026 01:42 pm by rohit kumar

Artificial Intelligence (AI) is rapidly transforming the way people work, communicate, and manage digital systems. From content creation to automation, AI has become an integral part of everyday life. However, alongside these benefits, a serious new threat is also emerging. India’s cybersecurity agency, the Indian Computer Emergency Response Team (CERT-In), has issued a fresh warning stating that cybercriminals are now using advanced AI technologies to launch faster, smarter, and more dangerous cyber attacks.

 

According to CERT-In, the rise of Generative AI, Large Language Models (LLMs), and autonomous AI agents has completely reshaped the cybersecurity landscape. Hackers are no longer relying solely on traditional attack methods. Instead, they are leveraging AI-powered systems to identify vulnerabilities, automate phishing campaigns, and create adaptive malware capable of bypassing conventional security measures.

 

How Hackers Are Using AI for Cyber Attacks

 

CERT-In’s latest cybersecurity blueprint highlights several alarming trends associated with AI-driven cybercrime.

 

Cybercriminals are now using advanced AI tools to scan digital systems and identify weaknesses at unprecedented speed. These vulnerabilities include exposed internet services, insecure APIs, weak authentication systems, and compromised digital identities.

 

One of the biggest concerns raised by CERT-In is the growing sophistication of phishing attacks. Using Generative AI and LLMs, hackers can now create highly personalized emails, fake messages, and deceptive websites that closely resemble legitimate communication. These AI-generated phishing campaigns are significantly harder for users to identify.

 

Another major threat involves adaptive malware. Unlike traditional malware, AI-powered malicious software can modify its behavior in real time to avoid detection by legacy antivirus programs and older security systems. This makes cyber attacks more persistent and difficult to contain.

 

Traditional Security Systems No Longer Enough

 

CERT-In has clearly stated that conventional “perimeter-based” cybersecurity systems are no longer sufficient in today’s digital environment.

 

Modern businesses are heavily interconnected through cloud computing, AI platforms, software supply chains, APIs, and remote digital infrastructure. As organizations become more digitally dependent, their attack surfaces continue to expand rapidly.

 

According to the agency, companies now require security systems that can continuously adapt to evolving threats instead of relying solely on static firewalls and outdated monitoring practices.

 

CERT-In Issues New Cybersecurity Guidelines

 

To strengthen digital defenses against AI-powered cyber threats, CERT-In has advised organizations to implement several critical measures.

 

Continuous Monitoring of Systems

 

Companies must continuously monitor internet-facing systems, cloud environments, APIs, and connected digital assets. Regular vulnerability scans and real-time threat detection are now considered essential.

 

Prioritize High-Risk Threats

 

Organizations have been instructed to identify and prioritize vulnerabilities based on severity. Systems connected to public networks and critical infrastructure should receive the highest level of protection.

 

The Strict 12-Hour Rule

 

CERT-In has introduced a strict timeline for addressing critical vulnerabilities. If a major security flaw is discovered in an important system, it must be patched within 12 hours.

 

Fix High-Risk Vulnerabilities Quickly

 

Other high-risk vulnerabilities must be resolved within 1 to 5 days depending on the severity of the threat. Delayed responses can significantly increase the risk of cyber intrusions.

 

Isolation Measures for Unpatched Systems

 

If an immediate security patch is unavailable, companies should isolate the affected system from the network, restrict external access, and increase monitoring until a proper solution becomes available.

 

Rising Concern Over Supply Chain Security

 

CERT-In has also warned about growing threats related to software supply chains and third-party digital services.

 

To improve transparency and identify hidden risks within software ecosystems, the agency has recommended adopting several modern security frameworks:

 

Software Bill of Materials (SBOM)

AI Bill of Materials (AIBOM)

Quantum Bill of Materials (QBOM)

Cryptographic Bill of Materials (CBOM)

 

These frameworks help companies track the components used within their software systems, evaluate third-party dependencies, and identify potential vulnerabilities before attackers can exploit them.

 

Why AI-Based Cybersecurity Threats Are More Dangerous

 

Experts believe AI-powered cyber attacks are more dangerous because they can operate at massive scale while adapting automatically to changing environments. Hackers can now automate reconnaissance, generate realistic scams, and target thousands of users simultaneously with minimal human involvement.

 

The rapid growth of AI tools has effectively lowered the barrier for cybercriminals, enabling even less technically skilled attackers to carry out sophisticated operations.

 

What Businesses and Users Should Do

 

Cybersecurity experts advise both organizations and individual users to adopt stronger digital safety practices:

 

Enable multi-factor authentication (MFA)

Regularly update software and systems

Avoid clicking suspicious links or downloading unknown files

Use advanced endpoint security tools

Monitor unusual account activity

Conduct regular cybersecurity audits

 

Businesses should also train employees to recognize AI-generated phishing attempts and social engineering attacks.

1 0 Tweet