---
title: "AI Is Lowering the Bar for Cyberattacks, and Defenders Are Racing to Keep Up"
description: "Hacking skills that once took years to build are increasingly being automated by AI — letting less-skilled attackers craft convincing phishing, find software flaws and move faster than ever. It's a real and rising threat, but defenders have AI too, and the result is an escalating arms race."
category: "Tech"
category_url: https://boursel.com/category/tech
author: "Daniel Okonkwo"
published: 2026-06-29T12:43:00.000Z
updated: 2026-06-29T12:43:00.000Z
canonical: https://boursel.com/article/ai-is-lowering-the-bar-for-cyberattacks-and-defenders-are-racing-to-keep-up
tags: ["cybersecurity", "ai", "hacking", "enterprise-risk", "tech"]
---
# AI Is Lowering the Bar for Cyberattacks, and Defenders Are Racing to Keep Up

Hacking skills that once took years to build are increasingly being automated by AI — letting less-skilled attackers craft convincing phishing, find software flaws and move faster than ever. It's a real and rising threat, but defenders have AI too, and the result is an escalating arms race.

The skills needed to mount a serious cyberattack are being commoditized. Tasks that once demanded years of expertise — writing convincing phishing lures, hunting for software vulnerabilities, automating an intrusion — can increasingly be handled, or sped up, by **AI tools**. The threat is real and measurable; it is also not one-sided, because the same technology is arming defenders. Here's the state of that arms race.

## Attacks are faster and more automated

Security firms are seeing the shift in their data. **CrowdStrike's 2026 Global Threat Report** documented a sharp rise in activity it attributes to **AI-enabled adversaries**, who use AI to scale social engineering and automate reconnaissance, [the firm said](https://www.crowdstrike.com/en-us/blog/crowdstrike-2026-global-threat-report-findings/). One telling metric is **"breakout time"** (how long an attacker takes, after first breaching a network, to spread to other systems), which CrowdStrike says has fallen to **well under an hour**, with the fastest cases measured in seconds.

The window to react is shrinking elsewhere too. By **IBM's X-Force** analysis, the time between a vulnerability being disclosed and being exploited has **collapsed** over recent years, [as AI accelerates the hunt for weaknesses](https://newsroom.ibm.com/2026-02-25-ibm-2026-x-force-threat-index-ai-driven-attacks-are-escalating-as-basic-security-gaps-leave-enterprises-exposed). The barrier to entry has dropped with it: incident responders describe capabilities once reserved for skilled operators now within reach of amateurs through cheap, off-the-shelf AI services. (Explainers: **phishing** is tricking someone into handing over credentials or money; a **vulnerability** is a software flaw an attacker can exploit; **social engineering** is manipulating people rather than machines.)

## The Mythos flashpoint

The double-edged nature of the technology is captured by a model Boursel has covered. **Anthropic's "Mythos"** proved so capable at finding vulnerabilities and generating exploits that the company **restricted its release and disabled cyber features** in the public version, granting full access only to vetted defenders, [CNBC reported](https://www.cnbc.com/2026/04/07/anthropic-claude-mythos-ai-hackers-cyberattacks.html) — and the US government separately curbed foreign access on national-security grounds.

But restriction has limits. As we reported, China's **Z.ai** released an **open-weight** model, GLM-5.2, that it claims rivals Mythos at vulnerability-finding — and an open model is hard to fence in, with users quickly circulating "jailbreaks" to strip its safety guardrails. The lesson: export controls on one company's model do little when a capable open alternative exists, and they may **shift** the threat rather than remove it.

## Defenders have AI too

This is an **arms race, not a rout**. The same tools that speed attacks also power defense: automated threat detection, faster patching, and AI "co-pilots" in security operations centers that can compress investigations from many minutes to a couple of minutes. Industry surveys point to a rapid rise in organizations adopting AI-augmented security tools, and national cyber agencies including the US **CISA** and the UK's **NCSC** have urged faster patching as AI quickens the discovery of flaws. The edge tends to go to whoever moves fastest, and well-resourced defenders are moving.

## The business and money angle

For companies, this is a **balance-sheet** issue, not just an IT one. Confidential data, trade secrets and operations are exposed to a larger pool of capable attackers, which is feeding **rising demand for cybersecurity** products and services — and, by industry accounts, **higher cyber-insurance premiums** as insurers price in AI-driven risk. Many executives report feeling under-protected. The practical takeaways are familiar but newly urgent: patch quickly, train staff against ever-more-convincing phishing, and assume attackers now have automation on their side.

## The bottom line

The honest framing avoids both complacency and panic. AI has genuinely **lowered the barrier** to capable cyberattacks and sped them up — that much the threat data supports. But it has also handed defenders powerful new tools, and the contest is being decided less by who *has* AI than by who **deploys it faster and patches sooner**. For investors and operators, the signal is clear: cyber risk is rising in step with AI's spread, and the spending to contain it is climbing too.

## Sources

- [CrowdStrike 2026 Global Threat Report](https://www.crowdstrike.com/en-us/blog/crowdstrike-2026-global-threat-report-findings/)
- [Anthropic limits rollout of its Mythos AI model over cyberattack capabilities](https://www.cnbc.com/2026/04/07/anthropic-claude-mythos-ai-hackers-cyberattacks.html)

