Cybersecurity Insider Survey: AI Is Fueling a New Generation of Threat Actors

The eSecurity Planet survey underscores a watershed moment for threat actors: nearly half of respondents now see AI as a catalyst that upgrades criminal skill sets. By automating routine coding, script generation, and data synthesis, generative models let attackers iterate faster and experiment with tactics that previously required years of hands‑on experience. This perception shift is reflected in the rise of AI‑crafted phishing lures, malware that self‑obfuscates, and reconnaissance bots that can translate and tailor social‑engineering content across languages, expanding the attack surface for organizations of all sizes.

AI’s impact goes beyond convenience; it fundamentally lowers the entry threshold for would‑be hackers. Tools such as ChatGPT, open‑source code generators, and deep‑fake audio platforms enable individuals with minimal technical background to launch sophisticated campaigns. Ransomware affiliates, initial‑access brokers and business‑email‑compromise operators are already integrating these capabilities to amplify credential‑theft operations and automate vulnerability research. While AI does not replace the strategic planning and operational security that seasoned cybercriminals rely on, it acts as a force multiplier, allowing smaller groups to achieve scale and precision previously reserved for elite teams.

For defenders, the message is clear: traditional signature‑based defenses are insufficient against AI‑enhanced threats. Security operations must invest in behavioral analytics, AI‑driven anomaly detection, and continuous threat‑intel feeds that can identify the subtle hallmarks of machine‑generated content. Training programs should emphasize phishing awareness that accounts for hyper‑personalized lures, and incident‑response playbooks need to incorporate rapid triage of AI‑assisted attacks. As enterprises embed AI into their own workflows, the same technology becomes a double‑edged sword—boosting productivity while simultaneously expanding the adversary’s toolkit.