Recent developments in artificial intelligence highlight its potential to autonomously compromise cloud systems, as demonstrated by researchers at Palo Alto Networks. With the creation of an AI named Zealot, these experts sought to determine how effectively AI could navigate and exploit cloud environments without direct human guidance.
AI’s Role in Cyber Espionage
In November 2025, an analysis by Anthropic revealed that a Chinese espionage campaign utilized AI to conduct up to 90% of its operations, with human input being minimal. Inspired by these findings, Palo Alto Networks’ Unit 42 embarked on a mission to test AI’s capabilities in live cloud settings.
Zealot, the AI system developed for this purpose, was tested on a controlled Google Cloud Platform environment laden with deliberate vulnerabilities. The system’s objective was set to exfiltrate sensitive data from BigQuery, operating without detailed instructions beyond the initial goal.
Innovative Autonomous Strategies
Built on a ‘supervisor-agent’ framework, Zealot coordinated among three sub-agents tasked with different aspects of the infiltration process: network mapping, web application exploitation, and cloud security operations. This structure allowed for dynamic strategy adjustments, akin to human-led red team operations.
Zealot autonomously scanned the network, exploited vulnerabilities, and successfully exfiltrated data, showcasing its ability to adapt and improvise. Notably, it demonstrated emergent intelligence by injecting private SSH keys to maintain persistent access, a tactic not initially programmed.
Implications for Cloud Security
While Zealot exhibited high efficiency, occasional lapses into unproductive loops highlighted the need for some human oversight. This experiment underscores the potential of AI to execute complex cyber-attacks faster than traditional human methods, challenging existing defense mechanisms.
Researchers warn that conventional detection systems, designed around human attack patterns, may struggle to identify AI-driven intrusions. They advocate for proactive measures, such as auditing cloud permissions and integrating AI-powered defenses, to counter these evolving threats.
As AI continues to evolve, its dual role as both a tool and a threat in cybersecurity is becoming increasingly evident. Organizations must remain vigilant, adapting their strategies to protect against these sophisticated autonomous attacks.
