AI-driven cyber attacks surge, outpacing security defences

Cyber security experts have expressed growing concern about the use of artificial intelligence by hacking groups, following recent evidence that AI-enabled cyber attacks are evolving with unexpected speed and complexity. The comments come as the cyber security sector responds to examples of sophisticated operations built around large language models and automated intrusion techniques.

Threat landscape

Security analysts have noted a significant shift in the threat landscape, with well-resourced groups increasingly relying on AI to enhance the efficiency and effectiveness of their attacks. Malicious actors are now using AI systems to probe for vulnerabilities, adapt quickly once inside a network, and automate the process of overcoming traditional defences.

Adam Arellano, Field CTO at Traceable by Harness, described the progression:

"It was expected in general, but the level of sophistication and scale was more advanced than I imagined. I was hoping we wouldn't see something this sophisticated happen so quickly. When LLMs first launched and their potential became clear, I think most security professionals were predicting this kind of attack. But the speed at which it materialized is unsettling. As big sophisticated hacking groups prove that LLMs can be effective in hacking, more and more of the smaller groups and even individuals will start to figure out how to use them as well, increasing access to these types of attacks." said Adam Arellano, Field CTO, Traceable by Harness.

Automated attacks

Cyber attackers are using AI to automate many phases of an intrusion, making manual hacking methods seem slow by comparison. The latest attacks involve AI algorithms that mimic behaviours of seasoned hackers, yet can operate at a far greater scale. Arellano noted that AI-driven automation is lowering the barrier for less-skilled attackers, potentially enabling a broader range of threat actors to mount highly technical campaigns.

"The hackers are using AI to do what any good hacker would do (looking for weakness, pivoting once inside, changing attack patterns, etc.), but the speed and automation provided by the AI is what is a bit scary. Instead of a human with well-honed skills attempting to hack into hardened systems, the AI is speeding those processes and more consistently getting past obstacles," said Arellano.

Security response

As cyber attackers adopt AI capabilities, the security sector faces pressure to respond in kind. Security teams are now being encouraged to use AI-based tools to monitor network behaviour, flag emerging threats, and automate the response to active intrusions. Arellano argued that traditional security practices, while still fundamental, must evolve alongside attackers' new methods.

"Artificial intelligence-based security tools MUST be leveraged to be able to combat this kind of advanced attack. Certain security principles will remain useful and important, like least privilege and effective security operations procedures, but to keep up with this kind of attack, security tools that leverage AI to respond as quickly as the AI attacking will be essential. More importantly, the rapidly evolving capabilities of hackers must be matched by security teams who also level up their own capabilities using AI in more sophisticated and creative ways," said Arellano.