What we learned mapping a year's worth of AI-enabled cyber threats
A recent report analyzes a year's worth of AI-enabled cyber threats, focusing on 832 banned accounts involved in malicious activities. The findings indicate that AI is increasingly used in complex stages of cyberattacks, making threat actors more dangerous. Additionally, traditional methods for assessing the risk level of cyber actors are becoming less effective due to the evolving nature of AI-assisted techniques.
- ▪The report examines 832 accounts banned for malicious cyber activity between March 2025 and March 2026.
- ▪Malicious actors are increasingly using AI in the later stages of cyber operations, making them more dangerous.
- ▪The MITRE ATT&CK framework does not fully capture the tools and activities of AI-enabled attackers.
Opening excerpt (first ~120 words) tap to expand
PolicyFrontier Red TeamWhat we learned mapping a year’s worth of AI-enabled cyber threatsJun 3, 2026As AI transforms the nature of and methods behind cyberattacks, how well do the techniques and frameworks used by the security community hold up?In a new report, we seek to answer that question. We examine 832 accounts that were banned for malicious cyber activity between March 2025 and March 2026 and map them onto MITRE ATT&CK, a longstanding database of the tactics and techniques used by cyberattackers. We published some of these results in Verizon’s 2026 Data Breach Investigations Report (DBIR), and are sharing a more detailed analysis here.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at Anthropic.
Discussion
0 commentsMore from Anthropic
