AI-Powered Cyberattacks Are Rising, New Global Report Warns

A growing number of businesses say artificial intelligence is making them more vulnerable to cyber threats, with more than half already falling victim to AI-powered phishing attacks, according to a new global report.

The study, released Tuesday by cybersecurity firm 11:11 Systems, found that artificial intelligence–driven attacks are now the top concern among IT leaders, reflecting mounting anxiety over how quickly the technology has transformed both cyber defense and cybercrime.

Businesses Struggle to Stay Ahead

Of more than 800 IT leaders surveyed across the U.S., U.K., Canada, France, the Netherlands, Australia, and Singapore, roughly three-quarters said the adoption of AI could make their own organizations more vulnerable to cyberattacks.

Nearly 45% of respondents reported being targeted by AI-generated phishing lures, while 35% said they had already encountered hackers using “autonomous and mutating malware” — malicious code that continuously rewrites itself to evade detection.

“IT and business leaders are very aware of how AI is changing the cybercrime landscape, and many have already felt its effects,” the report stated.

The Double-Edged Sword of AI

While AI can strengthen defenses by detecting suspicious behavior faster than traditional tools, it has also become a powerful weapon for cybercriminals. Attackers can use it to generate convincing phishing emails, mimic executives’ writing styles, and automate social engineering campaigns that trick employees into revealing sensitive information.

Security analysts warn that the accessibility of generative AI models has lowered the barrier to entry for would-be hackers, enabling large-scale, personalized attacks at unprecedented speed.

Overconfidence and Unpreparedness

The 11:11 Systems report also revealed worrying gaps in how companies respond to attacks. Only about a quarter of organizations handle cyber incidents fully in-house, while half rely on a mix of internal and outsourced teams. Another 16% outsource all recovery operations, and 7% admitted to having no formal recovery plan at all.

More than 80% of IT leaders believe their companies are too confident in their ability to recover from a major attack, despite citing limited budgets, insufficient expertise, and overly complex recovery processes as major obstacles.

The Call for Continual Improvement

The findings suggest that while businesses are eager to leverage AI’s benefits, they are often unprepared for its darker side. 11:11 Systems urged companies to treat cybersecurity as a continuous process rather than a one-time investment.

“With AI redefining the rules of both attack and defense, the gap between awareness and readiness is growing,” the report concluded. “The organizations that succeed will be those that constantly evolve their strategies to match the pace of technology itself.”

Photo Credit: DepositPhotos.com