AI-Powered Cyberattacks Raise Alarm Among IT Leader
Connect with IT purchasing decision-makers Maximize your reach with TechNewsWorld's B2B marketing solutions. We deliver the highest-quality leads to streamline your sales journey. Fill your pipeline and elevate your revenue using our proven lead-generation strategies. Learn more.
Nearly eight out of 10 global IT decision-makers say artificial intelligence now poses a significant security threat, according to a new cyberwarfare report released Tuesday.
Cyber conflict is entering a new phase as AI becomes deeply embedded across economies, organizations, and everyday digital life, the fourth annual Armis State of Cyberwarfare Report found, based on a survey of 1,900 IT decision-makers worldwide at companies with more than 1,000 employees.
But with that dependency comes exposure, it noted. Today, 79% of IT decision-makers state that AI-powered attacks pose a significant threat to their organizationsâ security.
âAI-powered attacks move faster and enable less experienced adversaries to launch sophisticated attacks at an accelerated rate, making them hard for typical security teams to detect,â Nadir Izrael, CTO and co-founder of Armis Labs, the research arm of Armis, a cyber exposure management and security company in San Francisco, told TechNewsWorld.
Izrael, who wrote the introduction to the 23-page report, added that a majority of respondents (69%) agree that AI will enable non-state actors to operate with nation-state-level sophistication. âThe barriers to entry are gone, even as the impact of attacks continues to rise,â he said.
âToday, we are facing progressively sophisticated cybersecurity attacks, driven by the growth of AI,â explained Seth Spergel, managing partner at Merlin Ventures, of McLean, Va., a network of affiliates that invests in, enables, and scales cyber technology companies.
âWhile AI is powering a new generation of defensive tools, it also makes the types of attacks that were once the domain of only very experienced threat actors much more accessible,â he told TechNewsWorld. âAs a result, organizations are seeing both nation-states and criminals probe their defenses at a significantly higher volume than before.â
From Nuisance to Sophisticated Threat
AI-powered attacks have all but removed the barrier to entry for sophisticated attacks, maintained Jim Sherlock, vice president for AI and cybersecurity R&D at ProCircular, a cybersecurity consulting firm in Coralville, Iowa.
âTraditionally, the casual armchair hacker ran pre-packaged exploits they didnât understand against targets they found by accident,â he told TechNewsWorld. âThey were nuisances, not existential threats.â
âWhat AI enables is something else entirely,â he continued. âA low-skill adversary can now deploy autonomous agents that reason about a target environment, chain exploits using current context, adapt to defensive responses and make lateral movement decisions on the fly.â
âA script kiddie runs someone elseâs exploit and hopes it works,â he said. âAn AI-equipped attacker builds its own exploit chain on the fly and knows it will.â
âThe line between commodity malware and nation-state-grade attacks is shrinking,â he added. âWhat used to require resources and expertise now just requires intent.â
Attack Acceleration
Rajeev Raghunarayan, head of go-to-market at Averlon, an AI-powered cloud security company in Redmond, Wash., asserted that AI-powered attacks are a significant threat not just because they are more sophisticated, but because they operate at a different speed and scale.
âRecent research, including Anthropicâs documentation of an AI-assisted cyber espionage campaign, shows that attackers have begun to automate parts of the attack lifecycle, such as reconnaissance, vulnerability discovery, and lateral movement,â he told TechNewsWorld.
âThat changes the math for defenders,â he continued. âMost organizations already have visibility into their risks but struggle to act on them quickly. When AI compresses the time between vulnerability discovery and exploitation, the gap between finding an issue and fixing it becomes the critical risk window.â
âMany organizations are underestimating this shift,â he said. âAI lowers the barrier for attackers, allowing even less sophisticated actors to operate at scale, which increases pressure on already constrained security teams. The question is no longer just what vulnerabilities exist, but how fast you can prioritize and remediate the ones that matter before attackers exploit them.â
âAI compresses the timeline from initial access to full compromise from hours to minutes, and most security operations are still built around the assumption that human analysts have time to investigate before things get worse,â added Michael Bell, CEO of Suzu Labs, in Las Vegas, a provider of AI-powered cybersecurity services.
âWhen an autonomous agent is already moving through your network faster than your team can open a ticket, the entire detection-and-response model breaks,â he told TechNewsWorld.
Underestimated Resources
The Armis report also noted that two-thirds (66%) of IT decision-makers believe that organizations underestimate the resources required to defend against AI-powered threats. Thatâs even higher in the United States â 75%.
âOrganizations say theyâre prepared, but half admit that they havenât adequately secured their ecosystems after being hacked. Thatâs not preparation. Itâs overconfidence,â declared Brian Bell, CEO of FusionAuth, a customer identity and access management platform in Broomfield, Colo.
âThe core issue is that organizations are confusing compliance with resilience,â he told TechNewsWorld. âPassing an audit is not the same as stopping an autonomous agent from accessing data it shouldnât. Until organizations close the gap between how they feel about their security posture and how it actually performs under pressure, the readiness paradox will keep widening.â
Before AI-powered attacks emerged, few organizations could handle the threats they faced, observed Richard Stiennon, founder and chief research analyst at IT-Harvest, a cybersecurity industry analyst firm in Birmingham, Mich.
âAdding AI just exacerbates the problem,â he told TechNewsWorld. âWeâve had non-AI-enabled attacks for three decades, and they havenât gone away.â
Fog of Cyberwarfare
Nearly two out of three decision-makers (64%) told Armis researchers that emerging technologies will make it harder to distinguish between espionage, cybercrime, and acts of war.
Those distinctions are important because the response to each is completely different, observed Suzuâs Bell. âGetting it wrong means you either escalate into a military confrontation, or you underreact and invite more,â he said.
âIranâs hacktivist proxies are state-directed operations wearing civilian clothes specifically to keep that line blurred, and itâs working,â he added.
Armisâs Izrael explained that as the industry continues to embrace emerging technologies, so do threat actors. âWe are seeing this firsthand as AI-powered threats emerge,â he said.










