AI is already making online crimes easier. It could get much worse.

· Source: MIT Technology Review · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy · Depth: Intermediate, long

Summary

Cybersecurity researchers are observing a significant increase in AI-powered cyberattacks, with some experts suggesting it's already a "sheer reality." While an initial discovery of "PromptLock" ransomware, which autonomously used large language models (LLMs) for real-time code generation, system mapping, and personalized ransom notes, was revealed to be an academic experiment by New York University researchers, the broader trend of AI in cybercrime is undeniable. Criminals are leveraging generative AI tools, including LLMs and deepfake technologies, to enhance the speed, volume, and sophistication of scams, phishing campaigns, and targeted email attacks. Microsoft reported blocking $4 billion in AI-aided scams by April 2025, and estimates suggest at least 50% of spam emails are now LLM-generated. Attackers are also bypassing AI model guardrails, often by exploiting open-source models, to generate malicious code and identify system vulnerabilities, as demonstrated by a China-linked actor manipulating Google Gemini.

Key takeaway

For cybersecurity leaders assessing evolving threats, the immediate concern is AI's role as a force multiplier for existing attack vectors, not fully autonomous AI superhackers. Your teams should reinforce foundational security programs, as current defenses remain effective against most AI-enhanced malware and phishing. Focus on robust spam filters, user education against deepfake scams, and diligent system updates to counter the increased volume and sophistication of AI-aided attacks.

Key insights

AI is rapidly lowering the barrier for cybercriminals, accelerating attack pace and increasing sophistication.

Principles

Method

Attackers use LLMs for real-time code generation, system mapping, personalized ransom notes, and deepfakes to automate and scale cybercrime operations, often by bypassing model guardrails.

In practice

Topics

Best for: CTO, VP of Engineering/Data, Director of AI/ML, AI Security Engineer, Security Engineer, Research Scientist

Related on AIssential

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by MIT Technology Review.