Anthropic Study Finds AI Cyberattacks Are Already Automated
The study shows AI is lowering the technical barrier for advanced cyberattacks, making traditional threat assessment methods obsolete.
Reporting from 1 sources: GIGAZINE.
Anthropic analyzed 832 suspended accounts over a year and found that AI use in cyberattacks is shifting from simple preparation to complex post-compromise activities. The proportion of attackers classified as medium risk or higher rose from 33% to 56% over the study period. Traditional risk indicators no longer correlate with attacker skill.
Anthropic examined 832 accounts suspended for cyberattack activity between March 2025 and March 2026, mapping them to the MITRE ATT&CK framework. The most common AI use was preparation, with 67.3% of accounts using AI for tasks like malware creation. But the study found a clear shift: AI-assisted phishing dropped 8.6% while AI use for identifying valid accounts inside compromised networks rose 8.9%. Attackers classified as medium risk or higher jumped from 33% in the first six months to 56% in the second six months.
Anthropic also reported that traditional risk indicators no longer work. The least skilled attackers used an average of 16 techniques, while the most skilled used about 20, and the platform used showed no correlation with risk level. The company concluded that AI is automating advanced attack stages that previously required technical expertise.
Synthesized by Yomimono from the 1 cited source below, including Japanese-language reporting where cited, then editorially reviewed before publishing.
Sources
- GIGAZINE Anthropicが「サイバー攻撃はすでにAIで自動化されている」と報告