Wed, August 20, 2025

Facebook-f Youtube Instagram
Newsletter Sign up
Show Support
Menu

AI Cyber Threats: How to Stop the Latest Attacks

Publisher’s note: Today, we begin a monthly thought leader column from Corsica, one of the leaders in AI and Cyber issues in the CSRA. Gold members like Corsica enjoy these monthly membership benefits. For more info, visit www.augustabusinessdaily.com/membership

This article first appeared on the Corsica Technologies blog.

AI has changed the world of cybersecurity forever. New threats are appearing that were unthinkable before AI. Leaders in IT and business are asking themselves tough questions:

  • “Are we educated on the latest AI cyber attacks?”
  • “Is our team familiar with phishing email examples—and how AI makes them even more powerful?”
  • “Are we using the latest AI technology to stop these attacks?”

 

Here’s everything you need to know to protect your organization.

In this article:

  • How AI is used in cyber attacks
  • The danger of personalized attacks driven by AI
  • Statistics about the growth of AI cyber attacks
  • How to prevent AI cyber attacks

 

How is AI used in cyber attacks?

There are two primary strategies that attackers exploit to launch an AI-powered attack:

  1. Social engineering
  2. Software vulnerabilities

 

Unfortunately, AI greatly increases the effectiveness of attacks in both categories. Here are the kinds of AI-powered attacks that we block most often for our clients.

1. AI-driven social engineering attacks

  • Generic AI-powered phishing. Attackers use AI to generate a phishing email and send it to many people. The message isn’t personalized, but it uses social engineering tactics (like urgency and fear) to manipulate the user into clicking a link or downloading an attachment.
  • Personalized AI-powered phishing. Attack strategies such as spear phishing, whaling, and clone phishing are highly personalized. Criminals can use AI to target a specific company or individual using information that’s available about them online. (We’ll unpack all of these in more detail below, as there are many types of personalized phishing.)

 

2. AI-driven exploits of software vulnerabilities

AI can perform vast amounts of analysis much faster than a human. This makes it the ideal tool to discover, catalog, and exploit vulnerabilities in software systems.

Here are some of the most common vulnerabilities that can be discovered and exploited with AI.

  • Misconfigured security settings. Unfortunately, default security settings are rarely adequate, especially for cloud systems. It’s also possible to make mistakes when configuring security settings. AI tools can detect these vulnerabilities easily.
  • Inappropriate user permissions. The principle of least privilege states that a given user should have only as much access as they need to do their job. However, many systems have their users configured with far more permissions than they actually need. Once an attacker has gained access to a system, they can use AI to catalog and exploit these misconfigured permissions.
  • Insecure APIs. AI can detect APIs with expired or insecure security settings, making it easy to exploit these weaknesses.
  • Weak passwords. AI is a game-changer in cryptography. It can crack weak passwords far more quickly than human actors can.
  • Unpatched systems. If a software vendor has discovered a vulnerability and released a patch for that system, AI can determine whether the patch was applied to a given instance. This empowers attackers to identify unpatched systems, then go after them.

 

Can AI-powered attacks target specific organizations or people?

Yes. AI excels at creating personalized, highly believable attacks. Here are some examples of AI-powered phishing strategies that we see frequently.

  • AI-driven executive impersonation. AI tools make it incredibly easy for attackers to impersonate an executive. This usually takes the form of an urgent message that appears to come from a person in leadership at the organization. AI can craft unique messages based on any information available to the attacker, making this strategy especially dangerous.
  • AI-driven whaling. A whaling attack flips executive impersonation on its head. The target is the executive. Since leaders often have sweeping permissions and access to many critical systems, they make a lucrative target for attackers. AI-driven whaling attacks use AI to craft highly personalized, believable messages that get leaders to take action and compromise systems without realizing it.
  • AI-driven clone phishing. Clone phishing involves sending a new email in an existing thread with a trusted contact. The email appears to be from the contact, making it especially dangerous—and AI makes it easier than ever for attackers to impersonate trusted contacts.
  • AI-driven vishing. Voice phishing, or “vishing,” is any phishing attack that happens over a phone call. AI is especially insidious here, as it empowers attackers to create live, reactive AI agents that speak and sound like a person known to the victim.

 

Every one of these attack types was dangerous before the advent of AI. But AI tools have taken these possibilities to the next level. Every organization should expect to get personalized, AI-driven phishing attacks.

How common are AI cyber attacks?

Unfortunately, AI cyber attacks are growing more and more common every day. Here are some concerning statistics.

  • 6% of phishing emails are now generated by AI—a YoY increase of 53.5%.
  • Phishing attacks in general have surged 1200% since the advent of GenAI in 2022.
  • Credential-based phishing attacks grew 703% in 2024 due to the appearance of premade, AI-generated phishing kits.

 

So, what’s the impact of AI on cyber attacks?

As you can see, AI-driven attacks are now a serious factor in cybersecurity.

But how do you prevent them, educate your users, and protect your data and systems?

How can I prevent AI cyber attacks?

The answer depends on the type of attack. Since social engineering attacks and software vulnerability exploits are the two most common categories, we’ll look at them in detail.

How to stop AI-driven social engineering attacks

There are two components to a healthy strategy here.

  • Technology. The first line of defense against AI-powered phishing attacks is to ensure these emails never reach users’ inboxes. You can achieve this with email security tools. Here at Corsica Technologies, we use AI-powered solutions to detect dangerous emails and quarantine them—so users never even see them.
  • User training. No technology is foolproof. Even the best email security solution may allow the occasional phishing email to pass through to the inbox. Ultimately, your best defense is education. You want to give your employees phish testing and awareness training so they’re prepared to deal with threats. And since phishing strategies continue to evolve in the age of AI, you’ll want to give this training on a regular basis. Many of our clients choose to do it quarterly.

 

Both technology and training are critical, and they work together to stop AI social engineering attacks.

How to stop AI-driven exploits of software vulnerabilities

The key here is to stay on top of patching. You need to know which systems require a patch—and you need the resources to test and apply patches at scale.

Here at Corsica Technologies, we use sophisticated technologies, including AI-enabled solutions, to stay on top of patches for our clients. This ensures that we deal with the highest-risk scenarios in a timely fashion.

The takeaway: Don’t wait to prepare for AI cyber attacks

A few years ago, the idea of AI attacks at scale was a looming probability but not a reality. That has changed. AI-powered attacks are here—and they’re affecting our clients every day. If you need help defending your organization from sophisticated attacks, contact us today. Let’s discuss your vulnerabilities, your cybersecurity standing, and how we can help you become more secure.

About the author

Ross Filipek is Corsica Technologies’ CISO. He has more than 20 years’ experience in the managed cyber security services industry as both an engineer and a consultant. In addition to leading Corsica’s efforts to manage cyber risk, he provides vCISO consulting services for many of Corsica’s clients. Ross has achieved recognition as a Cisco Certified Internetwork Expert (CCIE #18994; Security track) and an ISC2 Certified Information Systems Security Professional (CISSP). He has also earned an MBA degree from the University of Notre Dame.

Subscribe to our eNewsletter for the BEST local business news delivered to your Inbox each week day.

* indicates required

Leave a comment

Your email address will not be published. Required fields are marked *

More Posts

Lessons from training camp

In last week’s column, I wrote about how this is one of my favorite times of the year because it means the start of football