CERT-In, India’s cybersecurity watchdog, has expressed concern over the rising complexity of modern cyber threats, particularly those powered by artificial intelligence. According to its recent advisory, cutting-edge AI tools are redefining how attacks are carried out, making them faster, highly scalable, and more accessible. This shift is allowing even low-skilled threat actors to conduct advanced cyberattacks with greater efficiency. 

Special emphasis has been laid on Micro, Small, and Medium Enterprises (MSMEs), which are emerging as primary targets for cyberattacks because of their comparatively less robust cybersecurity frameworks. 

According to CERT-In, the growing use of artificial intelligence marks a turning point in cyberattack methodologies. Activities that previously required skilled intervention and hours of manual work can now be automated, enabling faster execution with minimal effort. 

According to the agency, modern AI technologies are now capable of independently scanning extensive codebases, uncovering complex vulnerabilities, and orchestrating multi-phase cyberattacks. This development marks what it describes as a new phase of cybercrime driven by automation and scale. 

From Hands-On Intrusions to AI-Powered Cyber Warfare  

According to CERT-In, traditional cyberattacks required significant manual work and specialised skills, as threat actors would methodically probe systems over extended periods to uncover vulnerabilities. This approach has been transformed by AI, with modern systems now able to rapidly detect “zero-day” vulnerabilities, or unknown security flaws, almost instantly. 

Rising Threat Levels for MSMEs  

According to the advisory, MSMEs face heightened vulnerability in this evolving threat environment. Limited financial resources, absence of specialised cybersecurity personnel, and lack of advanced monitoring systems put them at a disadvantage, allowing threat actors to more easily exploit them with AI-powered tools. 

According to CERT-In, AI has made cyberattacks more accessible by automating complex processes, allowing less skilled actors to carry out precise and impactful operations. This trend significantly heightens the risk for MSMEs, as even a successful attack can lead to consequences such as data breaches, business disruptions, or ransomware threats that smaller organisations struggle to manage. The watchdog cautions that unless MSMEs take immediate steps to strengthen their security frameworks, they could incur major financial and reputational damage, with AI-powered threats now posing an immediate and widespread danger. 

Recommended Actions for Better Cyber Protection  

To address the growing risks, CERT-In has outlined critical actions that organisations—especially MSMEs—should adopt to enhance their defences. Central to these recommendations is the use of advanced threat detection mechanisms paired with ongoing network monitoring, which can detect anomalies at an early stage and prevent potential attacks from intensifying. 

CERT-In highlights patch management as another vital area of focus, noting that AI-driven tools can quickly uncover and exploit vulnerabilities in outdated systems. Delays in applying updates can therefore create serious security gaps, making timely patching a crucial defence measure. The advisory also stresses the importance of maintaining detailed system logs, as they support forensic analysis by revealing how an attack unfolded and which weaknesses were targeted, ultimately helping organisations improve their cybersecurity posture.