Hackers Pushing Innovation in AI-Enabled Hacking Operations, Google Says

May 11, 2026

Hackers from a prominent cybercrime group have, for the first time, used artificial intelligence to uncover a previously unknown software flaw and an exploit to take advantage of it, Alphabet’s Google said on Monday.

The planned attack targeted a widely used open-source system administration tool but was blocked before it could be used as part of a “mass exploitation event,” Google said in a report from its Threat Intelligence Group.

The incident marks the first time Google has identified attackers using AI to discover a new vulnerability and attempt to exploit it at scale.

John Hultquist, chief analyst at Google Threat Intelligence Group, said the findings likely represent the “tip of the iceberg” in terms of how criminals and state-backed hackers are pushing AI hacking innovation.

The report also detailed how hackers are beginning to hand parts of their cyber operations to artificial intelligence, using it to autonomously hunt for software flaws and help build malware.

The shift marks an early move toward more autonomous cyber operations, as attackers begin to rely on AI systems not just as research tools but as active components that can analyze targets, generate code and make decisions with limited human oversight, the researchers said.

The findings come as governments around the world grapple with how to regulate powerful new AI models that could make it easier for hackers to identify targets and launch attacks using both known and newly discovered software flaws.

The findings echo recent warnings from financial regulators in Europe, who say rapidly evolving AI models are increasing the speed and scale of cyber risks at a time of heightened geopolitical tensions.

Cyber criminals as well as state-linked hacking groups tied to China, Russia and North Korea are already experimenting with integrating AI directly into attack workflows, the report said. While the techniques remain at an early stage, Google warned they could accelerate cyber campaigns by reducing the time and expertise needed to launch complex attacks.