AI-Powered Cybersecurity: The Double-Edged Sword in the Digital Arms Race

AI: The new arsenal of cybercriminals and its growing threat to business

Artificial Intelligence is transforming industries around the world. Although it creates grounds for more innovation and efficiency, it also presents cybercriminals with new opportunities. From automating attacks to outsmarting highly secure systems, AI is undoubtedly a powerful weapon for hackers, posing unprecedented threats to enterprises. A recent Kaspersky study, conducted among InfoSec professionals from medium and large enterprises worldwide, revealed that 46% [AN1] of respondents believe the majority of cyberattacks experienced by their organizations in the last 12 months used AI technologies in some way. In this article, Kaspersky will discuss the way cybercriminals use AI, the consequences companies that fall under such attacks may experience, and how businesses can protect their infrastructure against them. How cybercriminals are using AI AI empowers cybercriminals to attack their targets with greater speed and precision. One of the most significant transformations is the way AI has revolutionized automated phishing and social engineering campaigns. By using AI tools, hackers can now analyze employee data in depth, learning about their positions in the company, behavioral patterns in communication, and uncovering their social media activity to create highly personalized and credible social engineering tactics. Alarmingly, AI is also being used by cybercriminals to generate deepfake audio and video content, impersonating the voices and likenesses of CEOs or other executives in fraudulent scams. Additionally, AI is also helping attackers bypass traditional security mechanisms. Using machine learning algorithms, an attacker can test all possible variants of the attack in real time, which provides them with a more effective way of evading cybersecurity software and firewall detection. The scale of threats and the cost to businesses The emergence of AI-enabled attacks means all types and sizes of businesses are now at an increased risk. Previously, some businesses may not have been perceived as potential targets, but AI now empowers attackers to scale their operations further. Cybercriminals can attack thousands of companies simultaneously with minimal effort. The attacks can now be deployed more effectively while hiding the trail back to the origin of the malicious act. The damage associated with AI-driven attacks, both financial and reputational, can be severe for businesses. In addition, fines and legal costs, as well as long-term damage to customer trust may follow -- a particularly sensitive area for sectors such as finance, healthcare and legal services, which rely heavily on consumer trust and confidentiality. How businesses can protect themselves To counter the growing threat of AI-driven cybercrimes, businesses need to focus on building a comprehensive cybersecurity framework rather than relying solely on AI-powered solutions. While AI tools play a critical role in real-time monitoring and threat detection, they are not sufficient on their own. Effective cybersecurity requires a multi-layered approach that includes advanced security tools, regular employee training, and proactive incident response planning. Only by combining technology, education, and preparation can businesses build the resilience needed to face the challenges posed by increasingly sophisticated AI-driven threats.

As New Cybersecurity Threats Loom, AI Defenses Get Popular

Keeping up with criminal hackers is a constant struggle, especially for small businesses, but many are now turning to artificial intelligence to boost their cybersecurity measures, even if they don't have experts in their own companies. New data from financial news site Pymnts show that the share of chief operating officers (COOs) reporting their firm has implemented AI-powered cybersecurity systems has increased tripled since early 2024. In May, about 17 percent of COOs surveyed reported they had deployed AI cybersecurity management, but that total rose to 55 percent by the end of 2024. The increased adoption rate is a reminder that even as malicious hackers are using brand new AI tools to break into systems, AI itself can help defend against hacks. While the Pymnts COO survey was for bigger companies, it's worth noting that just as AI can add new office skills to small teams at smaller firms, it can also boost your ability to defend against cyber attacks. Pymnts' survey explains that COOs are switching to AI-powered solutions at a time when "companies face the threat of cyberattacks that are growing more sophisticated," which tallies with other reports that cybercriminals now find it's even easier to hack into networks and computer systems thanks to generative AI-powered tools. During 2024, reports said that big tech names Google and Microsoft were rolling out AI-powered cybersecurity tools to help combat this increased threat. Back in February, Google's CEO Sundar Pichai spoke at the Munich Security Conference and addressed worries that the AI revolution could boost cybersecurity problems. Though everyone was "right to be worried about the impact on cybersecurity," Pichai said he felt AI tools can yield positive cybersecurity benefits. The Pymnts data supports Pichai's premise, reflecting a growing belief among COOs who say AI is now an "essential tool for protecting organizations from security breaches and fraud." Those respondents are confident that AI can help with immediate challenges, as well as boosting long-term security innovations.

55% of Companies Have Implemented AI-Powered Cybersecurity | PYMNTS.com

The share of chief operating officers (COOs) who report that their companies have implemented artificial intelligence (AI)-powered automated cybersecurity management systems has increased threefold since earlier this year. The increase brought the share of such COOs to 55% in August, up from about 17% in May, according to the December edition of the PYMNTS Intelligence report, "The AI MonitorEdge Report: COOs Leverage GenAI to Reduce Data Security Losses." Each of the COOs surveyed for the report represents an organization that generates more than $1 billion in annual revenue. These COOs are relying on GenAI-driven solutions to improve cybersecurity management at a time when companies face the threat of cyberattacks that are growing more sophisticated, according to the report. They are moving to proactive, AI-driven frameworks -- and away from reactive security approaches -- because the new AI-based systems can identify fraudulent activities, detect anomalies and provide real-time threat assessments. These features have made AI an essential tool for protecting organizations from security breaches and fraud, in the view of COOs. COOs are confident in AI's ability to help companies with both immediate challenges and long-term opportunities for growth and innovation, per the report. Those at organizations that leverage GenAI to run cybersecurity management systems estimate they saved 5.9% of annual revenue in the past 12 months. Among those reporting very positive return on investment (ROI), the estimated share of annual revenue saved is 7.7%. COOs with firms that use the technology for high-impact tasks like data security expect AI's ROI to be very positive in 5.6 years and expect that the technology will be fully embedded in their organizations in 6.9 years. AI is transforming how security teams handle cyberthreats. The technology automates the initial stages of incident investigation by analyzing vast amounts of data, and speeds up response times by allowing security professionals to begin their work with a clear understanding of the situation, PYMNTS reported in March. Companies are adopting this technology amid an AI-driven escalation of threats in which cybercriminals have been loading up their arsenal of AI-powered scams and frauds, PYMNTS reported Dec. 2. Amazon Chief Information Security Officer CJ Moses said that the eCommerce giant has seen hacking attempts increase more than sevenfold over the past six months in large part due to AI. Leveraging advanced AI tactics, cybercriminals are exploiting vulnerabilities at unprecedented speed and scale. The democratization of technologies like AI has made complex tools available to virtually anyone, making it easier for cybercriminals to carry out attacks, Chris Wyatt, chief strategy officer at Finexio, told PYMNTS in an interview posted in August. That's why the potential of AI to transform how companies manage their cybersecurity efforts is becoming so crucial, Wyatt said. One example of how AI-powered cybersecurity tools can combat sophisticated AI-powered attacks is by analyzing URLs, emails and messages in real time to detect and block phishing attempts and social engineering attacks before they reach users, J Stephen Kowski, field CTO at SlashNext, told PYMNTS in an article posted in November. "Advanced machine learning models can now understand the context and intent of communications, moving beyond simple pattern matching to identify threats that would bypass traditional security tools," Kowski said. "This proactive approach represents a shift from reactive, signature-based detection to predictive threat prevention that adapts to new attack variations in real time."