SMS Blog

The Accelerated AI Arms Race in Cybersecurity

Adversaries Using AI as a Force Multiplier for Cyberattacks

Artificial intelligence is changing attacker tradecraft in familiar ways: not by inventing brand-new crimes, but by increasing speed, volume, and believability. Phishing kits now produce fluent, localized messages at scale. Voice cloning makes a hurried “CEO call” sound real. Synthetic video can support social-engineering pretexts. The result is more convincing lures, delivered more often, with less effort.

AI also helps on the back end. Models can summarize stolen data to find what is valuable, generate variations of payloads to evade simple detections, and prioritize targets based on the signals an attacker cares about, like likelihood to click or pay. For defenders, this raises the baseline. We must assume more polished outreach, faster iteration, and campaigns that learn.

U.S. government guidance has flagged these risks clearly, including the rise of synthetic media in fraud and influence operations and the need for organizations to prepare playbooks that treat media as claims until verified.

Security Operations Are Adapting Too

When it comes to AI, security teams are engaged on two distinct fronts. The first involves leveraging AI to reduce noise and increase focus. Typical use cases include triaging alert floods, summarizing incident timelines, drafting initial hunt queries from natural language, and assisting with routine response steps under human approval. Increasingly, analysts are also turning to AI during active investigations—for example, decoding heavily obfuscated URLs, breaking down complex JavaScript, or clarifying unfamiliar attack techniques. The aim is not to replace analysts but to move them up the value chain, so judgment and context drive outcomes while machines handle repetitive parsing and translation tasks.

The second front is the security of AI itself. As organizations adopt AI-enabled tools, they must account for prompt injection, data leakage, model misuse, and integrity of training data. That means adding AI-specific risks into governance, risk, and compliance processes rather than treating AI as a black box.

NIST’s AI Risk Management Framework (AI RMF 1.0) and its Generative AI profile remain a practical way to integrate AI concerns into existing programs, from identifying use cases and impacts to measuring, managing, and governing risk. They are technology-neutral and designed for real organizations, not just research labs. However, organizations should also be aware that the U.S. Department of Defense has announced the Cybersecurity Risk Management Construct (CSRMC) as the official successor to the Risk Management Framework (RMF). CSRMC emphasizes automation, continuous monitoring, and real-time defense, and while it introduces new processes, it continues to align with NIST principles and control baselines. This shift signals that AI and cybersecurity risk governance practices may evolve further to reflect CSRMC’s lifecycle approach.

The Trust Gap

As synthetic content becomes easier to produce, traditional trust signals are degrading. The old cues (polished grammar, a recognizable voice, an embedded logo) no longer prove much. Two primary problems emerge from this. The first is provenance: whether audio, video, image, or text is authentic and whether it has been altered. The second is model trustworthiness: whether an AI used to summarize, translate, or reason about something has failed silently, hallucinated, or been manipulated.

Bridging the gap requires process, not just tools. Treat media as claims that demand verification. Require internal checks and approvals before acting on “urgent” requests that change money movement or access. For AI uses, document the purpose, data sources, review steps, and escalation paths. NIST’s AI RMF gives a common vocabulary for these controls so they can be audited and improved over time.

Preparing for the Future

Organizations do not need to boil the ocean. Focus on a few durable moves that survive hype cycles:

  1. Make identity resilient. Prioritize phishing-resistant MFA for high-risk users and systems, using FIDO2/WebAuthn or PIV/CAC where feasible. If you cannot get there immediately, adopt stronger stopgaps and plan a phased rollout. Pair MFA with session management and conditional access so risk signals actually change decisions. CISA provides clear guidance on the why and the how in Implementing Phishing-Resistant MFA.
  2. Adopt Zero Trust principles. Assume compromise, minimize implicit trust, and continuously verify users, devices, and workloads. Use authoritative references to plan roadmaps and measure maturity over time. NIST’s SP 800-207 defines the architecture, and CISA’s Zero Trust Maturity Model v2.0 helps sequence capabilities across identity, devices, networks, applications, data, and cross-cutting practices.
  3. Instrument for visibility. Log authentication events, admin changes, and data access. Keep enough history to investigate patterns, not just single alerts. Summarization can help analysts, but ensure human review for high-impact actions.
  4. Harden email and web front doors. Layer defenses for phishing and business email compromise, and protect public web properties against abuse and fraud. Treat brand impersonation and synthetic media as expected conditions. Government advisories on synthetic media offer practical mitigations and user-education talking points.
  5. Govern AI like any other powerful system. Register use cases, define acceptable data, require human approvals for sensitive actions, and test for abuse paths. Use the artifacts published with NIST’s AI RMF to align stakeholders and document decisions.

Closing Thought

AI accelerates what already works for adversaries. The counter is not a silver bullet, but a set of steady, defensible fundamentals: strong identity, continuous verification, clear provenance, and disciplined operations. If we combine those with thoughtful AI governance, we can keep pace without chasing every new headline.

Steven Hyde

Steven Hyde serves as Director of IT at SMS and has more than 20 years of experience in the information technology field. He is responsible for overseeing compliance efforts and works to strategically align technology initiatives with the company’s long-term goals.
