AI is making cyber attacks faster and harder to spot, reports warn

In short: Artificial intelligence is raising the pace and scale of cyber crime, and companies are struggling to keep up.

What's going on

Several recent industry and government reports argue that AI is changing cyber security by making attacks quicker, cheaper, and easier to run at large scale. The World Economic Forum says AI creates more “vectors” (more ways in) for more powerful attacks.

One example is Anthropic’s decision in April to not publicly release a tool called Claude Mythos. In tests, the tool found “thousands of zero-day vulnerabilities” (unknown software flaws that have no fix yet) across major operating systems and web browsers. Anthropic said it will instead share the tool only with vetted partners like Apple and Microsoft through Project Glasswing, to help build defenses.

Companies say the risk is rising. The Bank of England reported that 86 percent of companies put cyber risk in their top five risks, up from 72 percent earlier. In a Proofpoint survey of 1,600 chief information security officers, 66 percent reported a significant loss of sensitive information in the last year, up from 46 percent in 2024.

The most common weak spots have not changed much. Reports frequently point to stolen or misused logins, breaches through suppliers (like a break-in through a trusted vendor), and flaws in public systems like websites or databases. CrowdStrike also reported that 82 percent of detected intrusions did not use malware, meaning attackers often “walk in” using trusted access, like a thief using a copied key.

What to watch

Experts say speed matters more now, because AI can find and exploit weaknesses quickly. Businesses are likely to spend more on identity checks, faster software updates, and closer monitoring of suppliers and contractors.

Source: Financial Times