Artificial intelligence (AI) agents are rapidly changing the landscape of cybersecurity, automating key stages of cyberattacks. These sophisticated tools now operate at speeds and scales previously unseen, posing a significant challenge to existing defense strategies. Experts warn that this shift could give attackers a substantial advantage unless new AI-assisted defense methods are developed quickly.
Key Takeaways
- AI agents are automating entire cyberattack chains.
- Their speed, scale, and sophistication are surpassing human capabilities.
- Recent events show AI finding vulnerabilities and creating malware.
- The balance of power in cybersecurity is shifting towards attackers.
- New AI-powered defense strategies are crucial to counter these threats.
AI's Growing Role in Cyberattacks
AI's involvement in cyberattacks has progressed rapidly. What was once a theoretical concept has now become a practical reality. Hackers have demonstrated the effectiveness of AI, and criminal groups are actively using it for their operations.
Over the summer, several incidents highlighted this concerning trend. In June, AI company XBOW achieved the top ranking on HackerOne's US leaderboard. It reported over 1,000 new software flaws in just a few months, demonstrating AI's ability to quickly identify vulnerabilities.
Fact: Speed of Discovery
- In August, seven teams in DARPA's AI Cyber Challenge found 54 new vulnerabilities in a target system within four hours.
- Google's Big Sleep AI also identified dozens of new vulnerabilities in open-source projects during the same month.
These examples show that AI can find system weaknesses much faster than traditional methods. This speed reduces the time available for defenders to patch systems before they are exploited.
Real-World AI-Powered Attacks
The use of AI in actual cyberattacks is already happening. In July, Ukraine's CERT (Computer Emergency Response Team) found Russian malware that used a large language model (LLM). This LLM automated parts of the attack process.
"The LLM generated both system reconnaissance and data theft commands in real-time," a CERT spokesperson stated.
This shows AI moving beyond just finding vulnerabilities to actively executing attack steps.
In August, Anthropic, an AI company, reported disrupting a threat actor. This actor used Claude, Anthropic's AI model, to automate the entire cyberattack process. The AI performed network reconnaissance, penetrated networks, and harvested victim credentials. It even determined which data to steal and how much money to demand.
Another hacker used Claude to create and market ransomware. This ransomware included advanced evasion capabilities, strong encryption, and anti-recovery mechanisms. These tools make it harder for victims to get their data back.
In September, Check Point reported on hackers using HexStrike-AI. This system created autonomous agents that could scan, exploit, and maintain access within target networks. These agents act independently once launched.
Historical Context
These capabilities far exceed what AI could do in 2016 during DARPA's Cyber Grand Challenge. The annual Chinese AI hacking challenge, Robot Hacking Games, is believed to operate at this advanced level, though details are limited outside China.
Such tools are becoming more accessible. Villager, an AI pentesting tool from Chinese company Cyberspike, uses the DeepSeek model to completely automate attack chains. This means even less skilled attackers can launch complex operations.
The Shifting Balance of Power
AI agents now often match or exceed the sophistication of highly skilled human hackers. They automate operations at machine speed and global scale. This allows them to maximize profit for criminals or to execute precise government-sponsored attacks designed to avoid detection.
This future could see attack capabilities grow beyond our ability to manage them. We have long relied on having time to patch systems after vulnerabilities are known. We also assumed that keeping vulnerability details secret would prevent exploitation. This is no longer a reliable strategy.
The balance between cyberattack and cyberdefense has historically favored attackers. These new AI developments threaten to shift the scales completely. We are potentially facing a "singularity event" for cyber attackers, where their capabilities reach a critical point.
Key parts of the attack chain are becoming automated and integrated. These include persistence, obfuscation, command-and-control, and endpoint evasion. Vulnerability research could happen during active operations, instead of months in advance. This compresses the timeline for defense.
For now, the most skilled human defenders may still have an advantage. However, AI agents do not need to be better than humans at every task to be useful. They only need to excel in one of four areas: speed, scale, scope, or sophistication. There are indications they will eventually excel in all four. By lowering the skill, cost, and time needed to find and exploit flaws, AI turns rare expertise into common capabilities. This gives average criminals a significant advantage.
AI-Assisted Cyberdefense: A Path Forward
AI technologies can also benefit defenders. While we do not fully know how AI will enhance cyber-offense versus cyber-defense, we can imagine a series of developments for defense.
Phase One: Transforming Vulnerability Research
AI-based hacking can empower defenders. AI can simplify complex tasks, making them accessible to more people. This frees up expert researchers to focus on problems requiring human creativity. History shows a pattern here. Reverse engineering was once manual until tools like IDA Pro made it widely available. AI vulnerability discovery could follow this path, moving through scriptable interfaces and automated workflows to broad accessibility.
Phase Two: The Rise of VulnOps
Between research breakthroughs and widespread business adoption, a new field called "VulnOps" could emerge. Large research teams are already building operational pipelines for their tools. This evolution might mirror how DevOps professionalized software delivery. In this scenario, specialized research tools become products for developers. These products could be SaaS platforms or internal frameworks. This would mean AI-assisted vulnerability research is available to everyone, at scale, repeatable, and integrated into daily business operations.
Phase Three: Disrupting Enterprise Software
If businesses adopt AI-powered security like they adopted continuous integration/continuous delivery (CI/CD), new possibilities arise. AI vulnerability discovery could become a standard part of development pipelines. We could see a world where AI automatically finds and patches vulnerabilities before software even reaches production. This shift could be called continuous discovery/continuous repair (CD/CR).
Third-party risk management (TPRM) offers a natural entry point for this adoption. It allows for lower-risk vendor testing and integration into procurement processes. This provides a proving ground before wider implementation.
Phase Four: The Self-Healing Network
If organizations could independently find and patch vulnerabilities in their running software, they would not need to wait for vendors to issue fixes. Building in-house research teams is expensive. However, AI agents could perform such discovery and generate patches for many types of code, including third-party products. Organizations might develop independent capabilities to create and deploy third-party patches on their own timelines. This extends the current trend of independent open-source patching. While this would increase security, having customers patch software without vendor approval raises questions about patch correctness, compatibility, liability, right-to-repair, and long-term vendor relationships.
These are all possibilities. AI-enhanced cyberattacks might not evolve as feared. AI-enhanced cyberdefense might give us capabilities we cannot yet imagine. The biggest surprises might come from paths we currently cannot see.