Relevance: GS III (Cyber Security & Internal Security) | Source: The Hindu
- The Context: What is the latest development?
The Ministry of Electronics and IT (MeitY) and national security agencies are closely monitoring a new, highly advanced AI model developed in the US (named Claude Mythos).
- The New Threat: Unlike standard AI chatbots that generate text, this model has demonstrated the dangerous ability to autonomously scan and expose hidden, decades-old technical flaws in global software networks.
- The Global Response (Project Glasswing): Recognizing the severe risk, global tech companies have launched a massive, secret initiative. Their goal is to identify and fix these software flaws before the AI model is released to the general public, preventing it from falling into the hands of hostile state actors.
2. Administrative Impact: Why is India concerned?
The emergence of AI capable of automated cyber-attacks presents immense challenges for India’s internal security framework:
- Vulnerability of Legacy Systems: India’s core Digital Public Infrastructure (such as Aadhaar, GST portals, and core banking networks) often operates on older software systems. These “legacy systems” are highly vulnerable to AI models designed to exploit older code.
- Threat to Physical Infrastructure: Cyber threats can now cause physical destruction. Advanced AI can easily target SCADA systems—the electronic controllers that operate India’s power grids, water supply, and manufacturing plants.
- The Digital Sovereignty Dilemma: Indian policymakers face a complex strategic choice. Should the government allow a foreign-owned AI to audit our critical national software (which compromises our digital sovereignty), or should we refuse it and risk leaving our infrastructure exposed to future cyber-attacks?
3. The Way Forward for the Administration
To protect national interests, the government must adopt proactive measures:
- Indigenous Security AI: India must urgently invest in developing its own high-capacity AI models to independently audit and protect its national infrastructure.
- Focus on Cyber Resilience: Since 100% security is impossible against autonomous AI, the administration must focus on “resilience”—the ability to quickly isolate threats and restore public services if a major breach occurs.
UPSC Value Box: Important Administrative Frameworks
| Key Body / Concept | Simple Meaning |
| CERT-In | Computer Emergency Response Team – India. The statutory national nodal agency responsible for tracking and responding to cybersecurity incidents. |
| Critical Information Infrastructure (CII) | Defined under the IT Act, 2000 as computer resources whose destruction would have a debilitating impact on national security, the economy, or public health. |
| NCIIPC | National Critical Information Infrastructure Protection Centre. The specific designated intelligence agency tasked exclusively with protecting India’s vital CII assets (like power grids and nuclear networks). |
With reference to India’s cybersecurity architecture and emerging digital technologies, consider the following statements:
- Advanced Large Language Models (LLMs) deployed in cybersecurity possess the capability to autonomously identify deep-seated vulnerabilities in older open-source codebases.
- The National Critical Information Infrastructure Protection Centre (NCIIPC) is the designated nodal agency for protecting assets whose incapacitation would directly impact national security.
- CERT-In is a statutory body established under the provisions of the Information Technology Act, 2000.
Which of the statements given above is/are correct?
(a) 1 and 2 only
(b) 2 and 3 only
(c) 1 and 3 only
(d) 1, 2 and 3
Correct Answer: (d)
Share This Story, Choose Your Platform!
Start Yours at Ajmal IAS – with Mentorship StrategyDisciplineClarityResults that Drives Success
Your dream deserves this moment — begin it here.