Preparing For The AI-Generated Cyber Threats Of 2025

There has been a gradual but alarming shift in the digital threat landscape over the last few years, as Advanced Persistent Threats (APTs) become more prominent and more potent. The volume of overall cyberattacks reached a crescendo in 2024, experiencing a 75% increase compared with the previous year.
Moreover, according to Gartner, AI-enhanced malicious attacks were the highest-ranked risk cited by enterprise risk executives in 2024. The year ahead will likely see this continue, with the level of intelligent design evolving.
AI is enabling attackers to build sophisticated campaigns with unprecedented speed and precision. By automating reconnaissance, dynamically adapting malware, and mimicking legitimate behavior, AI amplifies attackers’ abilities to evade traditional defenses. APTs, once the domain of state-sponsored actors, are now within reach of criminal syndicates and even lone hackers. The result? Faster, more sophisticated, and harder-to-detect campaigns that demand that businesses be equally adaptive and proactive in their defense strategies.
Attacks with an AI Twist
AI enables hackers to scan networks, identify vulnerabilities, and execute attacks in minutes rather than days. Take malware, for instance: it is already ballooning in scale, with a 14% increase in malicious files found in 2024 compared to a year earlier, and AI is only going to exacerbate this trend.
Supported by AI, malware can automatically alter its code so that it presents differently in the system, which in turn overwhelms security mechanisms through sheer volume while still delivering its payload. In this regard, there has been a growing trend of international criminal groups, such as APT28, compromising systems again and again, relying on LLMs to obscure their movements and take advantage of poorly configured networks.
Phishing is another common data breach vector – three billion phishing emails are sent every day and the number of people clicking on these links tripled in 2024. This puts more businesses at risk than ever before. In one study, which tested the ability of Large Language Models (LLMs) to exploit users with phishing scams, 60% of participants fell victim to AI-driven attacks – comparable to the success rates of non-AI phishing messages created by human experts.
This revelation illuminates how realistic and effective AI can be. If it can dupe a human into believing its authenticity just as effectively as a human-created scam, then the access to creative phishing is boundless. In fact, the entire phishing process can be automated using LLMs, reducing the costs of attacks by more than 95%, and taking away yet another boundary for hackers to grapple with.
It is paramount that companies fight fire with fire: AI-generated attacks with AI-pioneered solutions, which can identify and nullify intrusions in a fraction of the time of conventional tools. Organizations are starting to respond to the need, with 57% anticipating a budget increase for cybersecurity over the next year or two, but the urgency cannot be overstated – hackers will take advantage if the security protocols in place are insufficient.
Limited Defenses
The rapid evolution of AI-driven threats is exposing significant weaknesses in traditional cybersecurity tools and strategies. Many organizations remain heavily reliant on outdated technologies, which are increasingly unable to keep up with the tactics employed by modern attackers.
Static rules are often designed to detect known patterns of malicious activity. However, AI-driven threats can dynamically adapt their behavior, evading these rules entirely. For example, advanced malware can mimic legitimate processes, bypassing rules that flag suspicious activity. Signature-based systems rely on identifying specific, previously known malware signatures to detect threats – AI-generated malware, which can alter its code continuously (polymorphism) or create entirely new variants, easily evades these systems.
Blocking known malicious IP addresses can prevent some attacks, but attackers can frequently rotate or spoof IPs. Additionally, AI-enhanced botnets often utilize trusted platforms and residential proxies, bypassing these databases entirely. AI-generated threats spotlight these shortcomings by delivering malware and attack tactics that evolve in real time, leaving outdated tools unable to adapt quickly enough.
The reliance on traditional tools not only leaves organizations vulnerable but also burdens Security Operations Centers (SOCs). Outdated tools generate excessive alerts, many of which are false positives, irrelevant or low-priority, leading to alert fatigue. AI-driven attacks, designed to blend into legitimate network activity, go undetected in the noise, while manual triage processes slow down the response time, allowing attackers to inflict significant damage before being stopped.
Recent events have demonstrated the devastating impact of AI-driven threats. In 2024, a sophisticated campaign targeted French government agencies and private companies, employing a combination of phishing emails, encrypted payloads, and staged attack chains. AI-written malware used advanced techniques like COM hijacking to establish long-term persistence, evade detection, and exfiltrate sensitive data. This attack, alongside the broader deficit in AI skills among security professionals, underscores the urgent need for businesses to rethink their cybersecurity strategies.
Countering the Threat
To hit back against the new generation of AI-powered attackers, businesses must likewise adopt emerging technologies that can root out an intruder in a matter of minutes. Counter-threat-focused tools that can interrogate untrustworthy anomalies within systems, interpret deviations from expected behavior and highlight unique attack tactics that defy the typical rules will be the security priority for this year.
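The contrast between signature matching (described under Limited Defenses) and detection based on deviations from expected behavior, as an added example that is not part of the original article: a SHA-256 blocklist and a learned parent-child process baseline are run over the same events. All file contents, host names and process events are constructed, and the function names are hypothetical.

```python
import hashlib
from collections import Counter

# All data below is constructed for illustration; no real samples or hosts.
KNOWN_BAD = b"constructed-sample-payload-v1"
VARIANT = KNOWN_BAD + b"\x00"   # differs by one byte, behaves the same
SIGNATURES = {hashlib.sha256(KNOWN_BAD).hexdigest()}

# Parent -> child process launches recorded during a clean baseline period.
BASELINE_LOG = [
    ("explorer.exe", "winword.exe"), ("explorer.exe", "winword.exe"),
    ("explorer.exe", "chrome.exe"), ("explorer.exe", "chrome.exe"),
    ("services.exe", "svchost.exe"), ("services.exe", "svchost.exe"),
    ("winword.exe", "splwow64.exe"), ("winword.exe", "splwow64.exe"),
]

# Events observed later: the file written to disk and the launch that followed.
OBSERVED = [
    {"host": "ws-01", "file": b"quarterly report", "parent": "explorer.exe", "child": "winword.exe"},
    {"host": "ws-02", "file": KNOWN_BAD, "parent": "winword.exe", "child": "powershell.exe"},
    {"host": "ws-03", "file": VARIANT, "parent": "winword.exe", "child": "powershell.exe"},
    {"host": "ws-04", "file": b"print job", "parent": "winword.exe", "child": "splwow64.exe"},
]

def signature_hit(blob):
    """Static signature: fires only on a byte-identical file."""
    return hashlib.sha256(blob).hexdigest() in SIGNATURES

def learn_baseline(log, min_count=2):
    """Keep launch pairs seen at least min_count times, so one-off noise is not trusted."""
    return {pair for pair, n in Counter(log).items() if n >= min_count}

def behavior_hit(event, baseline):
    """Behavioral rule: fires when a launch pair was never part of the baseline."""
    return (event["parent"], event["child"]) not in baseline

def compare(events, baseline_log):
    """Return {host: list of detectors that fired} for each flagged host."""
    baseline = learn_baseline(baseline_log)
    results = {}
    for ev in events:
        fired = [name for name, hit in (("signature", signature_hit(ev["file"])),
                                        ("behavior", behavior_hit(ev, baseline))) if hit]
        if fired:
            results[ev["host"]] = fired
    return results

if __name__ == "__main__":
    for host, fired in compare(OBSERVED, BASELINE_LOG).items():
        print(host, fired)
```

The behavioral rule is only as good as its baseline: activity that stays within launch pairs already seen as normal passes both checks, which is the mimicry problem the article describes.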
Automated response systems, real-time alert diagnosis, and continuous monitoring enable organizations to contain threats before they escalate. At the same time, building resilience into security frameworks is essential for long-term success. Integrating defensive solutions into an organization’s security structure will enable an AI-driven tool to learn on the go, improving its powers of anticipation and responsiveness.
As well as budgeting for vital technologies, businesses must foster a culture of resilience and preparedness. Continuous training for security teams is essential to equip them with the skills needed to counter the latest attack methods. Continuous monitoring ensures round-the-clock protection, while adaptive defense strategies and regular security team training cultivate resilience. Together, these measures create a comprehensive and flexible cybersecurity framework capable of withstanding and recovering from AI-generated infiltrations.
Forewarned is Forearmed
Despite the exponential rise in cyber threats, cybersecurity as an industry is severely understaffed. According to an ISC2 cybersecurity workforce study, 25% of respondents reported layoffs in their cybersecurity departments, while 37% faced budget cuts. We know the threat is escalating, and it is up to each business owner or security professional to act.
There is no doubt that AI can magnify the impact of a threat, but it can also challenge it. Without AI, uncovering and managing a breach can take an average of 277 days; with certain technologies, this is now reduced to minutes.
The stakes are high, and we must remain vigilant to the diverse and developing threat landscape. The era of sluggish and rigid security is over. Organizations should prioritize tools that trigger deep learning mechanisms to process information at lightning speed and identify vulnerabilities or sabotage with pinpoint precision. In the chronicles of cybersecurity we have reached a new chapter, one which is relying on AI to write it. It is up to businesses and those combating the security threat to prevent it being the only storyline.
About the Author
Eran Orzel is the CEO of CyTwist, and a seasoned business leader and entrepreneur with over 20 years’ experience in sales leadership and go-to-market operational roles. He has extensive experience with a next generation cybersecurity platform countering Advanced Persistent Threats (APTs). Eran is a sought-after expert on cybersecurity and the emergence of AI-driven threats, having held a string of high-profile positions for leading tech and security enterprises, including as Head of Strategic Sales and Partnerships at Check Point and Co-Founder and Chief Business Officer at Argon, which was later acquired by Aqua Security.
Eran can be reached at https://www.linkedin.com/in/eran-orzel/?originalSubdomain=il