AI is now powering cyberattacks, Microsoft warns

1K

 

Artificial intelligence promised to make life easier. Write emails faster. Build software quicker. Analyze huge datasets in seconds. Unfortunately, cybercriminals noticed those benefits too.

A new report from Microsoft Threat Intelligence reveals that attackers are now using AI across nearly every stage of a cyberattack. The technology helps them move faster, scale operations and lower the technical skill required to launch attacks. In simple terms, AI has become a powerful assistant for hackers.

Instead of replacing cybercriminals, it gives them tools that make their work easier.

 

 

 

How hackers are using AI today

Cyberattacks usually involve many steps. Attackers scout victims, craft phishing messages, build infrastructure and write malicious code. According to Microsoft researchers, generative AI tools now help speed up many of those tasks.

Attackers are using AI to:

• Write convincing phishing emails
• Translate scam messages into different languages
• Summarize stolen data
• Generate or debug malware code
• Build scripts and infrastructure for attacks

AI also helps threat actors move more quickly between stages of an attack. Tasks that once took hours or days may now take minutes. Microsoft describes AI as a “force multiplier” that reduces friction for attackers while humans remain in control of targets and strategy.

 

Nation-state hackers are already experimenting with AI

Some of the most advanced cyber groups are already experimenting with artificial intelligence. Microsoft says North Korean hacking groups known as Jasper Sleet and Coral Sleet have incorporated AI into their operations.

One tactic involves fake remote workers. Attackers generate realistic identities, resumes and communications using AI. They apply for jobs at Western companies and gain legitimate access to internal systems once hired.

In some cases, AI even helps generate culturally appropriate names or email formats that match specific identities. For example, attackers may prompt AI tools to produce lists of names or create realistic email address formats for a fake employee profile. Once inside a company, that access can become extremely valuable.

 

AI can help build malware and attack infrastructure

Researchers also observed threat actors using AI coding tools to assist with malware development.

Generative AI can help attackers:

• Write malicious scripts
• Fix coding errors
• Convert malware into different programming languages

In some experiments, malware appeared capable of dynamically generating scripts or changing behavior while running. Meanwhile, attackers can use AI to build phishing websites or attack infrastructure more quickly. Microsoft also observed groups using AI to generate fake company websites that support social engineering campaigns.

 

Hackers are trying to bypass AI safety rules

AI companies have placed guardrails on their systems to prevent misuse. However, attackers are already experimenting with ways to bypass those safeguards. One tactic is called jailbreaking. It involves manipulating prompts so that an AI system generates content it would normally refuse to produce. Researchers are also watching early experiments with agentic AI, which can perform tasks autonomously and adapt to results.

For now, Microsoft says AI mainly assists human operators rather than running attacks on its own. Still, the technology is evolving quickly.

 

Why AI is lowering the barrier for cybercrime

One of the biggest concerns in the Microsoft report is accessibility. Years ago, launching sophisticated cyberattacks required advanced technical skills. AI tools now help automate parts of that process. Someone with limited programming knowledge can ask AI to generate scripts, troubleshoot code or translate scams into multiple languages.

That shift could expand the number of people capable of launching cyberattacks. At the same time, AI also gives defenders new tools for detecting threats. Security teams are now using AI to analyze behavior, detect anomalies and respond to attacks more quickly. The technology is fueling both sides of the cybersecurity arms race.

 

How Microsoft is responding to AI-powered cyber threats

Microsoft says its security teams are working to detect and disrupt AI-enabled cybercrime as it emerges. The company uses threat intelligence systems to monitor attacker activity, identify new tactics and share findings with organizations around the world.

Microsoft also integrates AI into its own security tools to help detect suspicious behavior, phishing campaigns and unusual account activity faster. These systems analyze patterns across billions of signals each day to identify threats before they spread widely.

The company says organizations should strengthen identity protections, monitor unusual credential use and treat suspicious remote worker activity as a potential insider risk.

 

How to protect yourself from AI-powered cyberattacks

The rise of AI-powered cyberattacks can sound alarming. The good news is that many proven security habits still work. A few simple steps can dramatically reduce your risk.

 

1) Be cautious with unexpected messages

AI-generated phishing emails are becoming more convincing. Always verify requests for passwords, payments or sensitive information before clicking links or downloading files. Also, use strong antivirus protection on all your devices. Strong antivirus software like TotalAV can detect malware, block suspicious downloads and warn you about dangerous websites before they load.

 

2) Use strong, unique passwords

A password manager such as NordPass can generate and store complex passwords for every account. This prevents attackers from accessing multiple accounts if one password is exposed.

 

3) Turn on multi-factor authentication

Even if someone steals your password, multi-factor authentication adds a second layer of protection and can stop many account takeovers.

 

4) Keep devices and software updated

Security updates patch vulnerabilities that attackers often exploit. Turn on automatic updates whenever possible.

 

5) Remove personal data from public websites

Cybercriminals often gather personal information from data broker sites before launching scams. Using a data removal service such as Incogni can help reduce the amount of personal information attackers can find about you online.

 

Is your personal information exposed online?

Run a free scan to see if your personal info is compromised. Results arrive by email in about an hour.

 

6) Watch for unusual account activity

Unexpected login alerts, password reset messages, or unfamiliar devices connected to your accounts may signal a breach. Act quickly if something looks suspicious.

 

 

Related Links: 

• Inside Microsoft’s AI content verification plan
• AI cybersecurity risks and deepfake scams on the rise
• Microsoft “Important Mail” email is a scam: How to spot it

 

 

Kurt’s key takeaways

Artificial intelligence is transforming almost every industry. Cybercrime is no exception. Hackers now use AI to craft phishing messages, build malware and scale attacks faster than ever before. The technology lowers technical barriers and speeds up operations while human attackers remain in control. Security experts expect the use of AI in cyberattacks to grow as tools become more powerful and widely available. That makes awareness and strong digital habits more important than ever. Because the next phishing email you receive may not have been written by a person at all.

If AI can now help hackers launch attacks faster and at larger scale, are tech companies moving quickly enough to protect you? Let me know in the comments below.

FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

 

 

Copyright 2026 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.