Sanjay Bahl, director-general of Cert-in
Sanjay Bahl, director-general of Cert-in (Indian Computer Emergency Response Team) Under the Ministry of Electronics and Information Technology, emphasized Tuesday that artificial intelligence attempts more focused, realistic and difficult to detect-a serious cyber economy-challenge, warns of a ministry of the ministry) Electronics and information technology.
“Malicious Actors are the first to use technology. If you see the phishing attacks, they are used with AI. In the past, those who were reasonably attentive and had an idea about phishing could have a phishing attack. Nowadays they are even fooled,” Bahl said on the Global FinTech Fest 2025.
“The AI makes it (the attacks) so perfect that you cannot find out if it is a phishing e-mail or not. These attacks will increase and it will continue to increase with new technologies that come in,” he said during a fire station on the subject “New Age and geo political threats for digital payment ecosystem and strategy to protect”.
Speaking of cyber attacks during Operation Sindoor, Bahl said that the “coordinated attacks in terms of wrong information and disinformation during the military operation that India had performed against terrorist infrastructure in Pakistan” were thwarted.
“There was real-time information about threats with the stakeholders. In the event that someone saw something suspicious, they reported it to Cert-In and we could look at what happened and others warn. We made monitoring and change in baselines, we could warn the entities. Actors.
The Cert-in Chef was of the opinion that application programming interface or API-specific models were not present and could be a security threat, because APIs are the backbone of modern software, especially in cloud, mobile and microservices architectures and excellent goals. “You have to place a lot of API-specific security models. Things such as tariff restriction (the number of requests per IP/user/app in a certain time frame), strong authentication, short-lived tokens, strict control elements, etc. API-specific security models are frameworks and best practics that are disrupted, to attack.
Asked whether countries such as Pakistan should be “geo flocked” (the practice of limiting or controlling access to websites, services or APIs based on the geographical location of the user) said Bahl: “I don’t think blocking is a solution. He argued for using the necessary checks and monitoring on a continuous basis.
Published on October 7, 2025
#Global #Fintech #Fest #perfects #phishing #attacks #CertInDirectorGeneral