Skip to content

AI-Driven Cyberattacks Become More Autonomous and Harder to Assess

Bottom line: Threat actors increasingly use AI in complex, later-stage attack phases, making traditional risk assessments obsolete and enabling automated attacks.

Anthropic analyzed 832 banned accounts between March 2025 and March 2026 to examine how attackers deploy AI systems in cyberattacks. The study shows that AI makes cybercriminals more dangerous and established risk assessments are becoming increasingly unreliable.

Anthropic analyzed 832 accounts suspended for malicious cyber activity between March 2025 and March 2026 and mapped them against the MITRE ATT&CK framework. The focus was on cases with sufficiently detailed information for thorough assessment. 67.3 percent of analyzed accounts (560 cases) used AI in malware development. For more complex activities such as lateral movement within compromised networks, this share was significantly lower – only 6.5 percent (54 actors).

A key finding concerns a shift in attack tactics. In the first half of the analysis period, 33 percent of actors were classified as medium risk or higher by Anthropic’s risk assessment system; in the second half, this proportion rose to 56 percent. Simultaneously, AI-driven activities shifted from initial access attempts (phishing attacks declined by 8.6 percent) to post-compromise activities such as account discovery (rising by 8.9 percent). This indicates that attackers are increasingly using AI deeper in the attack chain – in phases that traditionally required specialized technical knowledge.

For CISOs, this creates a significant challenge in threat assessment. Classical indicators such as the number of distinct techniques used or the platform employed (Claude Code, API, or chat interface) no longer correlate reliably with risk potential. Less experienced actors in the study employed an average of approximately 16 different techniques, highly skilled attackers approximately 20 – a marginal difference. What is instead distinctive is where in the attack chain attackers concentrate AI: higher-risk actors focus on operationally demanding techniques that require significant time, oversight, or real-time decision-making.

The MITRE ATT&CK framework does not fully capture these new AI-enabled activity patterns. The automation of attack components through AI means that less technically proficient threat actors can now deploy capabilities that were previously available only to specialists. This requires security organizations to reconsider their risk models and place greater emphasis on the depth and sequencing of AI-driven activities rather than on traditional metrics.


Source: www.anthropic.com · Published June 3, 2026
Lumi AI News — AI-assisted curation pursuant to Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.2.9.

Share on: