Research Team (Tsaaro)

The CERT-In High Severity Advisory on Frontier AI and Agentic Cyber Risks for Indian MSMEs

Introduction 

The rapid evolution of artificial intelligence has ushered in a transformative era for Indian businesses, yet it has simultaneously equipped cybercriminals with a sophisticated new arsenal of digital weapons. Recently, the Indian Computer Emergency Response Team (CERT-In) issued a critical high-severity advisory targeting MSMEs and individuals regarding "agentic" AI models. These systems, such as the widely discussed Mythos, possess the autonomy to discover software vulnerabilities and execute multi-stage attacks without human intervention. As India's digital economy expands in 2026, understanding these AI-driven threats is now a foundational requirement for maintaining economic stability and public trust across the nation.

The Anatomy of AI-Driven Cyber Attacks 

AI-driven cyber-attacks differ significantly from traditional threats due to their sheer speed, adaptability, and ability to mimic human behaviour with terrifying accuracy. These advanced systems utilise machine learning to analyse vast amounts of data, identifying zero-day vulnerabilities in widely used software before developers can even issue a patch. Once a flaw is identified, the AI can autonomously draft highly personalised phishing emails that match the cultural and regional nuances of the target, making them nearly indistinguishable from legitimate correspondence. For MSMEs, which often lack the massive cybersecurity budgets of multinational corporations, this shift represents a "non-linear" risk where a single AI agent can compromise an entire enterprise network within hours rather than weeks.

Why MSMEs are the Primary Targets 

MSMEs are the backbone of the Indian economy, yet they are increasingly viewed as the "soft underbelly" by threat actors using frontier AI models. Many of these businesses rely on legacy systems or unpatched software, which AI agents can scan and exploit with minimal effort. The CERT-In advisory highlights that the dual-use nature of AI means that tools designed for helping developers write code can be repurposed to "chain" multiple small vulnerabilities into a single, crippling breach. These attacks often lead to unauthorised system access, significant financial fraud, and the theft of intellectual property, which can be devastating for a smaller firm's reputation and survival. By automating the reconnaissance phase, AI allows attackers to launch thousands of simultaneous probes, effectively "democratising" high-level cyber warfare for low-level criminals.

Key Recommendations for Organisations 

To counter these sophisticated threats, CERT-In suggests that organisations must move away from reactive security and towards a predictive Zero Trust Architecture. This model operates on the principle of "never trust, always verify", ensuring that every access request is fully authenticated and authorised regardless of its origin. 

  • Implement Multi-Factor Authentication (MFA): Enforce MFA across all entry points, preferably using hardware-based verification tokens to prevent session hijacking.

  • Accelerated Patch Management: Treat every critical vulnerability disclosure as an immediate threat, aiming to apply security patches within a 24-hour window.

  • Enhanced Monitoring: Increase the frequency of log reviews and use AI-powered defensive tools to spot abnormal patterns, such as unusual API requests.

  • Network Segmentation: Divide the internal network into smaller zones to prevent an attacker from moving laterally once they have gained an initial foothold.

  • Disable Unnecessary Services: Reduce the "attack surface" by closing unused ports and disabling legacy VPN systems that are frequently targeted by automated AI scanners.

By adopting these rigorous technical standards, businesses can create a resilient environment that is significantly harder for autonomous AI agents to penetrate or exploit. 
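
The "Enhanced Monitoring" item can be illustrated with a small log review script. This is an added example, not taken from the CERT-In advisory or from Tsaaro: it builds a per-API-key baseline and flags unknown keys, endpoints a key has never called, and hourly request spikes. The log format, key names, endpoints and thresholds are assumptions, and the log lines are constructed sample data.

```python
import re
from collections import Counter, defaultdict
from statistics import mean, pstdev

# Assumed log format: "<ISO timestamp> <api_key> <METHOD> <path> <status>"
LINE = re.compile(r"^(\S+) (\S+) (GET|POST|PUT|DELETE) (\S+) (\d{3})$")

def parse(lines):
    """Yield (hour bucket, api key, endpoint) for each well-formed line."""
    for line in lines:
        m = LINE.match(line.strip())
        if m:
            yield m[1][:13], m[2], f"{m[3]} {m[4]}"

def build_baseline(lines):
    """Per key: (mean, std dev) of hourly request counts, plus known endpoints."""
    per_hour, endpoints = defaultdict(Counter), defaultdict(set)
    for hour, key, ep in parse(lines):
        per_hour[key][hour] += 1
        endpoints[key].add(ep)
    rates = {k: (mean(list(c.values())), pstdev(list(c.values()))) for k, c in per_hour.items()}
    return rates, endpoints

def find_anomalies(baseline, lines, sigma=3.0, min_margin=5):
    """Flag unknown keys, endpoints new to a key, and hourly rate spikes."""
    rates, endpoints = baseline
    counts, alerts = defaultdict(Counter), set()
    for hour, key, ep in parse(lines):
        if key not in rates:
            alerts.add(("unknown_key", key, ep))
            continue
        counts[key][hour] += 1
        if ep not in endpoints[key]:
            alerts.add(("new_endpoint", key, ep))
    for key, hours in counts.items():
        avg, std = rates[key]
        limit = avg + max(sigma * std, min_margin)  # floor keeps flat baselines quiet
        alerts.update(("rate_spike", key, f"{h} count={n}")
                      for h, n in hours.items() if n > limit)
    return sorted(alerts)

# Constructed sample data: quiet baseline hours, then a burst, a new endpoint, a new key.
def _mk(hour, key, ep, n):
    return [f"2026-01-10T{hour:02d}:{i:02d}:00Z {key} {ep} 200" for i in range(n)]

INV = "GET /v1/invoices"
BASELINE = _mk(9, "svc-billing", INV, 3) + _mk(10, "svc-billing", INV, 4) + _mk(11, "svc-billing", INV, 3)
CURRENT = (_mk(12, "svc-billing", INV, 4) + _mk(13, "svc-billing", INV, 40)
           + _mk(13, "svc-billing", "GET /v1/admin/users", 1) + _mk(13, "key-unknown", INV, 1))
```

Calling find_anomalies(build_baseline(BASELINE), CURRENT) on the sample returns one alert of each kind; the 12:00 hour stays quiet because four requests sit inside the baseline margin.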

Individual Protection in the AI Age 

Individuals are not immune to these advancements, as AI-driven social engineering becomes more prevalent in 2026. Attackers are now using AI to intercept one-time passwords (OTPs) and create deepfake audio or video to impersonate family members or bank officials. CERT-In advises individuals to remain sceptical of urgent financial requests and to verify the identity of the sender through a secondary, trusted channel before transferring any funds. Furthermore, maintaining regular backups of personal data on offline or encrypted cloud storage is essential for recovering from potential ransomware attacks that are now being accelerated by AI automation.

Understanding the Scale of Autonomous Threats 

The shift toward autonomous AI agents represents a fundamental change in the "threat actor" profile that Indian organisations must prepare for. Unlike traditional hackers who might work in shifts, an AI agent operates around the clock, continuously probing network defences for the slightest opening. CERT-In's warning emphasises that these models can perform heuristic analysis to predict how a security team might respond to an intrusion, allowing the malware to change its own code in real time to avoid detection. This level of sophistication means that manual intervention by IT staff is often too slow to prevent data exfiltration. Consequently, the advisory urges the adoption of AI-based defensive tools that can react at the same machine speed as the attackers to neutralise threats before they escalate into full-scale breaches.

Conclusion 

The landscape of cybersecurity in India has reached a critical juncture where the speed of the attacker often outpaces the traditional manual response of the defender. As the CERT-In advisory makes clear, the era of "set and forget" security is over for MSMEs and individuals alike. Embracing the latest defensive technologies, conducting regular employee training on AI-generated scams, and fostering a culture of cyber hygiene are the only ways to navigate this new frontier safely. While the threats posed by frontier AI are significant, they also serve as a catalyst for India to build a more robust, intelligent, and resilient digital infrastructure for the years to come.

Want to stay ahead?  

Don't let your MSME become a statistic. Secure your frontier AI defence strategy with a comprehensive compliance audit at Tsaaro.com 

We Help You to Grow Your Business Faster & Easier

Our Mission is to assist businesses in achieving compliance with data privacy, cybersecurity regulations & Responsible AI. We have worked with over 150+ Clients. Some of our key clients are Adani, Booking.com, NPCI, Godrej, DS Group, CRED, BharatPe, Aster DM, Vistara Airlines, Kotak Mahindra, Vodafone, Flipkart & more.


  • Comprehensive Compliance Support – From data privacy to Responsible AI, we cover it all.

  • Cybersecurity Expertise – Protect your business from evolving digital threats.

  • Proven Results – Trusted by top brands including Adani, CRED, and Flipkart.

  • Customized Solutions – Compliance strategies tailored to your business needs.

  • Global Standards – Align with GDPR, DPDP, and ISO frameworks seamlessly.

  • Efficient Implementation – Achieve compliance faster with expert guidance.

  • Trusted Advisory – Led by certified privacy and security professionals.
