Email:

Phone No.

Whatsapp

AI Cyberattacks Now Automate Up to 90% of Certain Cyber Operations

  • Home
  • AI Cyberattacks Now Automate Up to 90% of Certain Cyber Operations
AI Cyberattacks Now Automate Up to 90% of Certain Cyber Operations
AI Cyberattacks Now Automate Up to 90% of Certain Cyber Operations
AI Cyberattacks Now Automate Up to 90% of Certain Cyber Operations
AI Cyberattacks Now Automate Up to 90% of Certain Cyber Operations
AI Cyberattacks Now Automate Up to 90% of Certain Cyber Operations

ai cyberattacks

AI Cyberattacks Now Automate Up to 90% of Certain Cyber Operations

Artificial intelligence has long been viewed as a tool that can strengthen cybersecurity through faster threat detection, automated analysis and improved operational efficiency. However, recent developments suggest that AI is no longer confined to assisting defenders. It is increasingly being weaponised by cybercriminals to automate significant portions of sophisticated cyberattacks.

According to the recent Check Point Research report on AI cyberattacks, artificial intelligence has now been observed autonomously performing substantial parts of real-world cyber intrusions with minimal human involvement. In some cases, AI systems reportedly carried out between 80 and 90 per cent of an attack campaign, signalling a fundamental shift in the cyber threat landscape.

The implications extend far beyond faster phishing emails or more convincing social engineering tactics. AI is now helping threat actors identify vulnerabilities, navigate compromised networks, analyse stolen data and determine the next stages of an attack, all at machine speed.

AI is dramatically lowering the barrier to cybercrime

Historically, sophisticated cyberattacks required highly skilled threat actors working collaboratively across multiple disciplines. Cybercriminals needed expertise in reconnaissance, exploitation, malware development, privilege escalation and post-compromise analysis. These capabilities were typically limited to well-funded criminal organisations or nation-state groups.

AI is rapidly changing this equation. The automation of technical tasks significantly lowers the expertise and resources previously required to execute advanced cyberattacks. A single individual can now potentially leverage AI tools to conduct operations that previously demanded entire teams of specialists.

This democratisation of offensive cyber capabilities presents a concerning development for organisations worldwide. Cybercriminals are no longer constrained by the time and effort traditionally required to conduct sophisticated attacks. AI enables attackers to operate more efficiently, scale their operations rapidly and continuously refine their techniques with minimal human input.

AI cyberattacks are becoming increasingly autonomous

One of the most significant findings from the Check Point report involves the increasing autonomy demonstrated by AI systems during cyber intrusions.

In one documented case, AI tools were used to compromise nine Mexican government agencies and process approximately 400 million records spanning tax, electoral, patient and civil registry data. AI was reportedly responsible for generating and executing most of the commands required during the intrusion while simultaneously analysing stolen information and recommending subsequent targets.

Another case involved a Chinese-linked cyberespionage group targeting approximately 30 organisations globally. AI autonomously scanned networks, identified vulnerabilities, stole credentials and analysed compromised data while human operators primarily provided objectives and reviewed outputs.

These incidents illustrate that AI is evolving from an assistant into an active participant capable of performing complex cyber operations. The role of human attackers is gradually shifting from technical execution to strategic oversight.

Employee use of AI introduces additional risks

The rise of AI cyberattacks coincides with increasing organisational adoption of generative AI tools.

Employees are now routinely using multiple AI applications to improve productivity, summarise documents and generate business content. While these tools provide substantial operational benefits, they also create new data protection challenges that many organisations have yet to address comprehensively.

The Check Point report found that employees are increasingly submitting confidential corporate and personal information to external AI platforms. High-risk prompts containing sensitive data reportedly doubled during the study period.

This trend highlights an emerging governance challenge. Organisations cannot simply prohibit AI usage. Instead, they must establish clear policies governing acceptable use, data handling requirements and employee awareness surrounding AI-related risks.

Traditional security practices are no longer sufficient

AI is accelerating the pace of cyberattacks faster than many organisations can adapt their security practices.

Threat actors are now capable of discovering vulnerabilities, creating exploits and moving through compromised environments in significantly shorter timeframes. Security teams therefore face increasing pressure to identify and remediate vulnerabilities before attackers can weaponise them.

Traditional annual security reviews are becoming increasingly inadequate within this environment. Continuous monitoring, regular Vulnerability Assessment and Penetration Testing (VAPT) and proactive threat modelling are essential components of modern cybersecurity programmes.

Organisations must also begin considering AI-specific risks. Large language models and AI agents require their own security testing processes, including assessments for prompt injection attacks, jailbreak vulnerabilities and unintended data exposure.

Building organisational resilience against AI cyberattacks

Preparing for AI cyberattacks requires organisations to adopt a layered cybersecurity strategy that addresses both technological and human vulnerabilities.

Employee awareness remains critically important. Staff members should understand what information can safely be shared with AI tools and recognise how attackers may leverage AI to conduct increasingly convincing phishing and social engineering campaigns.

Security monitoring capabilities must likewise evolve. Automated detection tools, anomaly monitoring and incident response processes should be continuously reviewed to account for AI-enabled attack techniques.

Perhaps most importantly, organisations must recognise that AI cyberattacks are unlikely to remain limited to highly sophisticated threat actors. As AI technologies become more accessible, the capabilities previously associated with advanced adversaries may eventually become commonplace within the broader cybercriminal ecosystem.

How Privacy Ninja helps organisations prepare for AI cyber risks

The rise of AI cyberattacks highlights the growing need for organisations to strengthen both their cybersecurity and data protection capabilities. Privacy Ninja helps organisations build resilience against evolving cyber threats through practical, business-focused cybersecurity services.

Our Vulnerability Assessment and Penetration Testing (VAPT) services identify exploitable weaknesses across web applications, mobile applications, APIs, cloud environments and network infrastructure before threat actors can take advantage of them. Regular security testing becomes even more critical as AI significantly accelerates vulnerability discovery and exploitation.

Privacy Ninja’s Data Breach Management services help organisations prepare for, contain and recover from cybersecurity incidents efficiently while minimising operational disruption. Through our DPO-as-a-Service offering, we support organisations in strengthening their data protection governance, regulatory compliance and internal policies surrounding emerging technologies, including AI adoption.

Our Email Phishing Simulation programmes further help employees recognise increasingly sophisticated AI-generated phishing attempts and reinforce secure behaviour across the organisation.

AI cyberattacks represent one of the most significant developments in modern cybersecurity. Artificial intelligence is no longer merely assisting cybercriminals. It is increasingly capable of autonomously executing substantial portions of sophisticated attack campaigns.

As AI technologies continue to advance, organisations must assume that cyberattacks will become faster, cheaper and more scalable than ever before. The challenge facing businesses is no longer whether AI will influence cybersecurity, but how quickly they can adapt their security practices to keep pace.

Organisations that invest in proactive security testing, continuous monitoring, employee awareness and strong data protection governance will be far better positioned to defend against the next generation of AI-enabled cyber threats.

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Cybersecurity updates weekly!

PDPA-1024x683-min

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Cybersecurity updates weekly!

PDPA-1024x683-min

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
× Chat with us