AI is making cyberattacks more autonomous, harder to assess
New Delhi, June 6
Artificial intelligence is increasingly making cyberattacks more autonomous, enabling threat actors to carry out more advanced operations and challenging traditional cybersecurity frameworks, a report has said.
According to an analysis by Anthropic, over 800 accounts were banned for malicious cyber activity between March 2025 and March 2026, and evidence was found that attackers are increasingly using AI deeper into the cyberattack lifecycle rather than only for initial attack preparation.
Around 67 per cent of the analysed accounts used AI for attack preparation activities, including malware development.
However, Anthropic observed a growing shift towards more operationally complex activities after attackers gain access to systems.
"We found evidence consistent with AI being used to help increase the threat level of attackers," the report said.
It further noted that actors classified as medium-risk or higher increased from 33 per cent during the first half of the analysis period to 56 per cent in the second half.
The report found that AI-assisted phishing activity declined while the use of AI for post-compromise activities, including account discovery and movement within compromised systems, increased.
In addition, the AI giant warned that cyberattacks are becoming increasingly autonomous as attackers use AI systems capable of chaining together multiple stages of attacks with limited human intervention.
According to the company, traditional indicators used to assess attacker sophistication are becoming less reliable as AI enables lower-skilled actors to perform technically complex operations.
The report further argued that existing cybersecurity frameworks, including MITRE ATT&CK, do not fully capture AI-enabled threats, particularly attacks involving AI agents capable of making tactical decisions, orchestrating attack stages, and executing actions autonomously.
Moreover, it highlighted how rapidly evolving AI capabilities are reshaping cyber threats and creating new challenges for security defenders worldwide.
— IANS
Reader Comments
Interesting report. The shift from AI just being used for preparation to deeper integration in attacks is concerning. We need international cooperation on this. Countries like India, US, and others should share threat intelligence more openly.
Honestly, we are already struggling with basic cyber hygiene in many Indian organizations. Small businesses and even some government departments don't prioritize security. Now autonomous AI attacks? It's like fighting a tiger with a stick. We need massive upskilling and investment in AI-driven defenses. 🐅💻
The mention of MITRE ATT&CK not capturing AI-enabled threats is crucial. We need a new framework. Also, the increase in medium-risk actors from 33% to 56% shows democratization of cyberattacks. Anyone with AI can now be dangerous. This is the new normal.
One thing I appreciate is that Anthropic is transparent about banning 800 accounts. But we need more than just bans - we need preventive measures. India's CERT-In should collaborate with AI firms to create early warning systems. Better safe than sorry, yaar. 🚨
Autonomous attacks chaining multiple stages without human intervention? That's essentially Skynet-level stuff. But seriously, this underscores the need for AI ethics and regulation. We can't let the genie out of the bottle without safeguards.
We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.