The arrival of AI-driven cyber warfare is no longer a future threat; it is a present reality. As of September 2025, Anthropic reported a significant cyberattack executed with minimal human involvement, signaling a shift in the landscape of cybersecurity.
AI-enabled attacks have already impacted organizations, with Armis’ 2026 report showing that 92% of U.S. IT leaders are worried about these threats, and 64% have been directly affected in the past year. Attackers operate at unprecedented speeds, leaving defenders reliant on outdated methods.
AI-Driven Threats Challenge Cyber Defenses
The disparity between attack and defense capabilities highlights the urgency for new strategies. Many organizations still detect threats reactively, which is insufficient against AI’s rapid capabilities. Royal Hansen from Google highlighted persistent vulnerabilities, such as outdated systems and misconfigured clouds, as major risks in his testimony to the U.S. House Committee on Homeland Security in December 2025.
Hansen emphasized the potential of AI to enhance security operations, allowing for faster threat detection and response. As adversaries harness autonomous technologies, defenders must adopt similar strategies, pivoting towards collective defense systems.
Case Study: AI in Action
One significant incident involved GTG-1002, a Chinese state-backed group, utilizing AI for large-scale attacks. Their use of Claude Code, an agentic AI, allowed for near-total automation of attack processes, with human input limited to a few strategic decisions.
This AI managed network mappings, identified critical systems, and extracted valuable data autonomously. Such capabilities lower the barriers to conducting complex cyber assaults, underscoring the need for advanced defensive architectures.
Embracing Collective Defense
In response to these evolving threats, the cybersecurity industry must transition to a collective defense model. This approach involves shared intelligence and real-time threat analysis, akin to a communal navigation system for security threats.
Federated learning allows organizations to collaborate on AI training without exposing sensitive data, while differential privacy safeguards collective information. This model not only addresses data overload but also enhances context for threat prioritization and response.
The need for an architectural shift in cybersecurity is clear. Traditional methods cannot counter the speed and sophistication of AI-driven attacks. Collective defense offers a scalable solution, empowering defenders to meet the challenges posed by nation-state adversaries effectively.
Join discussions on these critical topics at the AI Risk Summit at the Ritz-Carlton, Half Moon Bay.
