Skip to main content
Threat IntelligenceEmerging Threats

AI Empowers Cyberattacks with Operational Efficiency

Modern tech lab with people working, sleek workstation and laptop in foreground.

"AI-driven threats should be treated as a strategic priority, particularly as the technology continues to evolve," Andy Piazza, senior director of threat intelligence, Unit 42, told the report's author.

AI as a force multiplier, not a new weapon

Unit 42's 2026 Global Incident Response Report characterizes AI primarily as a force multiplier for attackers: a tool that compresses timelines, automates routine work, and lowers barriers to entry. Drawing on hundreds of incident response engagements, Unit 42 documents specific uses — shortening development cycles, automating content generation and streamlining reconnaissance — that have turned attack lifecycles that once took days into operations measured in hours. Yet the report is explicit that the core threat landscape has not fundamentally shifted: recent investigations "are largely consistent with historical patterns."

Established techniques remain the foundation of compromise

Across engagements, Unit 42 observed that threat actors continue to rely on familiar techniques: credential theft, phishing, exploitation of known vulnerabilities and ransomware deployment. The report concludes that while AI amplifies the speed and scale of activity, it has not meaningfully redefined methods of compromise. That distinction is central to the analysts' assessment: defenders "already have the knowledge and capabilities to prevent, detect and respond to AI-enhanced cyberattacks," provided those controls are applied and adapted.

Agentic ransomware, malware calling out to LLMs, and token jacking

Unit 42 documents early but tangible examples of AI-enabled misuse. The report notes cases of malware written with AI assistance and malware that calls out to a large language model (LLM) or Model Context Protocol (MCP) server for command-and-control instructions. In one investigation, researchers identified an agentic ransomware instance that managed multiple stages of an extortion operation; while not fully autonomous, the agent operated across the attack lifecycle and reduced operational complexity and timelines for the adversary.

The report also highlights the rise of token jacking: threat actors exploiting exposed credentials to access cloud AI services and LLM API tokens. Unit 42 warns that such misuse can generate "millions of dollars in unauthorized compute charges" for victims, and that adversaries are moving beyond simple misuse toward training their own malicious models with stolen tokens.

Operational implications for SOCs, prevention, and AI-enabled defense

Unit 42 draws a clear operational lesson: if AI lets attackers operate faster or at greater scale, organizations that rely chiefly on detect-and-respond models may struggle to keep pace. The analysts recommend prioritizing prevention controls rather than assuming security operations center (SOC) teams can absorb high increases in alert volume. Both Andy Piazza and Richard Emerson, senior manager of reactive intelligence, emphasize that defenders will need to "combat AI with AI" to respond in real time — while retaining critical human oversight to understand and correct agent mistakes.

Implications for students, emerging professionals, and enterprises

  • Students and emerging cybersecurity professionals: The report's author, an intern at Palo Alto Networks and a full-time college student, notes a limited role for AI in many academic curricula driven by concerns about academic integrity and the pace of AI innovation. Unit 42 counsels that understanding AI is becoming as essential as traditional security technologies and principles; practitioners must validate AI outputs, spot hallucinations, and know when to escalate to human expertise.
  • Technologists and security teams: Analysts should adapt existing processes and controls to account for AI-driven speed and scale. Unit 42 has not seen a need to redesign cyber defense strategy wholesale, but it urges treating AI-driven threats as a strategic priority and investing in prevention capabilities and AI-enabled detection where appropriate.
  • Enterprises and procurement leaders: The risk of token jacking and unauthorized compute charges underscores the need for tighter credential hygiene around cloud AI services and careful stewardship of API tokens. The report also signals that adopters of AI tools must weigh operational convenience against exposure to rapid adversary exploitation.

Unit 42's reporting is clear: attackers are applying AI to accelerate and scale established tactics rather than inventing a wholly new playbook. The most salient risk today is temporal — the speed at which attacks can unfold — and the path forward is pragmatic. Defenders can use familiar controls and processes, supplemented with AI-savvy people and tools, to blunt the advantage AI currently gives adversaries. As Andy Piazza put it, AI-driven threats warrant strategic attention even if they do not yet require a wholesale redesign of defensive strategies.

Original report