Business leaders identify AI-augmented cyber threats as a significant escalating danger, according to Gartner's report
As global enterprises continue to digitize their operations, a new threat landscape is emerging: AI-engineered cyberattacks. According to recent reports, these advanced attacks are becoming increasingly sophisticated, scalable, and often autonomous, posing significant challenges for defenders [1][2][3].
Key trends in AI-driven cyberattacks include widespread adoption by advanced threat actors, AI-driven social engineering, the rise of fully autonomous attacks, and the global scale and sector impact of these threats. For instance, in 2025, an estimated 14% of major corporate breaches were fully autonomous, meaning once launched by AI, no human intervention was required for the attack to proceed [2].
Advanced Persistent Threat (APT) groups, cybercriminal gangs, and hacktivists are integrating AI to automate reconnaissance, identify vulnerabilities, and deploy malware with minimal manual intervention [1]. Natural language processing (NLP) and generative AI tools are being used to craft highly personalized, convincing phishing emails and social engineering messages tailored to a target’s behavior or role, increasing the success rate of these attacks [1][3].
The impact of AI-driven cyberattacks is not limited to a specific sector. Globally consequential risk is another of the remaining top five most commonly cited emerging risks, with 76% rise in healthcare attacks and a 31% rise in Middle East espionage due to automated ransomware deployment [2]. Attackers now combine email, voice impersonation, deepfake videos, and live chat in multi-channel campaigns, using AI to maximize reach and effectiveness [3].
Moreover, machine learning algorithms are incorporated into 35% of botnet operations to evade detection and adapt in real time, and 20% of cyberattacks use AI-enhanced obfuscation techniques like synthetic traffic generation or polymorphic code [2]. Over half (52%) of AI-driven attacks in 2025 utilized public Large Language Models (LLMs) to generate phishing content or script payloads [2].
Notable threat groups include APT31, which uses AI-driven facial recognition and surveillance tools in cyber-espionage operations, and APT28, which experiments with AI-generated deepfakes for disinformation campaigns, manipulating public perception [1]. Ransomware groups are also optimizing their attacks using AI, timing deployments for maximum impact [1].
Defenders face significant challenges in keeping pace with these AI-accelerated attacks. The average detection time for AI-assisted breaches has dropped to 11 minutes, but 57% of Security Operations Center (SOC) analysts report that traditional threat intelligence is insufficient against these attacks [2]. Enterprises deploying AI-powered defenses still experience breaches in 29% of cases [2].
The report by Gartner, based on a survey of 286 senior risk and assurance executives, highlights the difficulties organizations face in considering the risk implications from various global election scenarios. The report forecasts that AI-assisted misinformation and escalating political polarization are emerging risks that could have a significant impact on enterprises [4].
In conclusion, AI-engineered cyberattack campaigns are not only identified but are proliferating rapidly. Threat actors are leveraging automation, machine learning, and generative AI to launch sophisticated, scalable, and often autonomous attacks across the globe. Defenders face significant challenges in keeping pace, necessitating advanced, AI-powered cybersecurity solutions and heightened vigilance.
References: [1] Mandiant Consulting CTO Charles Carmakal [2] Gartner's study [3] John Hultquist, Mandiant Chief Analyst [4] Zachary Ginsburg, senior director of research in Gartner's Risk and Audit Practice [5] Gartner's Q3 survey of 286 senior risk and assurance executives
- As AI technology continues to advance and permeate various sectors, including cybersecurity, a rising concern is the widespread adoption of AI-driven cyberattacks by threat actors such as Advanced Persistent Threat (APT) groups, cybercriminal gangs, and hacktivists.
- The proliferation of AI-engineered cyberattacks poses significant challenges for defenders, with the average detection time for such breaches dropping significantly while traditional threat intelligence proves insufficient against these advanced attacks.
