SEBI Warns Financial Sector on AI Tools Accelerating Cyber-Attacks

The swift rise of Generative AI presents dual challenges for financial market cybersecurity. Traditional defenses, relying on periodic checks and human review, are outpaced by new AI tools. Firms like Anthropic have developed AI (e.g., Mythos) that condenses weeks of complex hacking into mere hours. SEBI's advisory is a timely step to fortify India's securities market against AI-driven threats, including automated phishing, malware creation, and real-time exploitation of zero-day vulnerabilities.

Stock exchanges, depositories, and mutual funds are directed by SEBI to enhance their cyber defenses. This means deploying AI-powered monitoring to counter AI-driven attacks. Consequently, entities must conduct rigorous stress testing and audit firewalls against intrusion techniques leveraging large language models (LLMs). With Indian capital market digital transactions at record levels, SEBI's regulatory scope now extends beyond market oversight to safeguarding the technological integrity of the entire trading process.

• Advisory Date: May 5, 2026
• Target Entities: Market Intermediaries and Infrastructure Institutions
• Threat Focus: Advanced AI models (e.g., Mythos)
• Core Objective: Cybersecurity and Vulnerability Management

Glossary

Mythos AI: An advanced artificial intelligence model capable of identifying and exploiting software vulnerabilities at high speed.

Zero-day Vulnerability: A software security flaw that is known to the software vendor but has no patch available, making it a high-risk target for hackers.