Three-Quarters of IT Leaders Fear Nation-State AI Cyber Threats
AI is at the top of most IT leaders’ minds when asked about the cyber threats their organizations could face, according to a recent Armis survey.
Almost three-quarters (74%) of respondents said that AI-powered attacks significantly threaten their organization’s security. A similar share (73%) added that they specifically feared that nation-state hackers’ AI capabilities could enable future sophisticated cyber-attacks.
The findings come from the 2025 Armis Cyberwarfare Report in which the firm surveyed more than 1800 global IT decision-makers.
The examples of threats cited in the report included Russia’s integration of AI into its cyberwarfare strategies and China’s DeepSeek AI model.
Additionally, nearly two-thirds (64%) of IT leaders agree that generative AI (GenAI) challenges the geopolitical status quo, allowing smaller nations and non-state actors to emerge as near-peer cyber threats.
According to Armis Labs, nation-state actors have been observed using cyber offensive AI in five key tactics:
- Automated malware development: AI-generated malicious code can dynamically alter itself to avoid detection
- AI-driven phishing: Machine-generated messages enhance the effectiveness of social engineering attacks
- Deepfake disinformation: AI-generated media manipulates public perception and undermines trust in digital communication
- Autonomous network attacks: AI-powered tools continuously scan for vulnerabilities and execute attacks without human intervention
- AI attack recommendation: AI-powered tools to identify the most likely areas to attack that won’t have detection in place (e.g. vulnerability exploits)
AI (Also) A Force for Good
Despite those fears,77% of respondents also stated that their organization has implemented measures to detect and counter AI-powered attacks.
Additionally, many of them are bullish on the power of AI to better defend themselves, helping them with some key defensive tasks, including the following:
- Behavioral analysis: AI detects deviations from normal user activity, identifying potential intrusions
- Automated threat hunting: AI continuously scans for new attack vectors, indicators of offensive actions and indicators of compromise
- Adaptive defense mechanisms: AI enables real-time reconfiguration of security settings in response to emerging threats
- Exploitation detection: Machine learning models identify exploitation of vulnerabilities in software
- Detection of techniques, tactics and procedures (TTPs): Machine learning models identify variations in typical command-line interfaces (CLIs) and system components acting outside of normal functions
- New system detection: Machine learning models identify when new operational technology (OT) systems, Internet-of-Things (IoT) and applications come online in a vulnerable state
- Visibility gap analysis: Find assets that are not sufficiently protected with poor visibility
- Defensive recommendation: Identification of a threat and mitigation plan based upon relevant defensive capabilities
Fear of Escalating Cyber Tensions Due to Geopolitics
Aside from AI, over 87% of IT decision-makers are generally concerned about the impact of cyberwarfare on their organizations. “A monumental shift from previous reports,” Armis indicated.
In 2024, just over half (54%) of IT leaders surveyed said they were concerned about the impact of cyberwarfare.
“A key factor is the rise in geopolitical uncertainty, fueled by armed conflicts and a seismic shift in the 2024 election cycle, where every governing party in a developed nation lost vote share,” read the Armis report.
Finally, 75% of IT leaders surveyed believe cyberwarfare attacks will increasingly target institutions representing free press and independent thought.
