AI is making cyberattacks more autonomous, warns report
A new Anthropic report warns that cybercriminals are increasingly using artificial intelligence across multiple stages of cyberattacks. The study found a rise in AI-enabled post-compromise activities and cautioned that growing AI autonomy is challenging traditional cybersecurity frameworks and defence strategies
New Delhi: Artificial intelligence (AI) is increasingly making cyberattacks more autonomous, enabling threat actors to carry out more advanced operations and challenging traditional cybersecurity frameworks, a report has said.
According to an analysis by Anthropic, over 800 accounts were banned for malicious cyber activity between March 2025 and March 2026, and evidence was found that attackers are increasingly using AI deeper into the cyberattack lifecycle rather than only for initial attack preparation.
Around 67 per cent of the analysed accounts used AI for attack preparation activities, including malware development.
However, Anthropic observed a growing shift towards more operationally complex activities after attackers gain access to systems.
“We found evidence consistent with AI being used to help increase the threat level of attackers,” the report said.
It further noted that actors classified as medium-risk or higher increased from 33 per cent during the first half of the analysis period to 56 per cent in the second half.
The report found that AI-assisted phishing activity declined while the use of AI for post-compromise activities, including account discovery and movement within compromised systems, increased.
In addition, the AI giant warned that cyberattacks are becoming increasingly autonomous as attackers use AI systems capable of chaining together multiple stages of attacks with limited human intervention.
According to the company, traditional indicators used to assess attacker sophistication are becoming less reliable as AI enables lower-skilled actors to perform technically complex operations.
The report further argued that existing cybersecurity frameworks, including MITRE ATT&CK, do not fully capture AI-enabled threats, particularly attacks involving AI agents capable of making tactical decisions, orchestrating attack stages, and executing actions autonomously.
Moreover, it highlighted how rapidly evolving AI capabilities are reshaping cyber threats and creating new challenges for security defenders worldwide.
