Cyber attacks utilising artificial intelligence technology have risen by 89 per cent in the past year and are altering the online threat landscape completely, according to new research from CrowdStrike.
The 2026 Global Threat Report from the American cybersecurity firm shows a fast-changing and ever-more ferocious cyber threat landscape enabled by the rise of AI tools.
In addition to a significant increase in AI-driven cyberattacks, the report found that AI is enabling cybercriminals to travel across hacked networks at higher speeds from the initial penetration point.
AI helped hackers increase the speed of their nefarious activities by 65 per cent between 2024 and 2025, with the average cyber attack breakout time being just 29 minutes last year. The fastest was 27 seconds, and CrowdStrike also logged an instance of data exfiltration happening in four minutes.
As well as leveraging AI tools to create more convincing cyber attacks and to increase their frequency, hackers are also actively targeting genuine AI tools. CrowdStrike found that 90 AI companies were breached by hackers. They were able to steal personal information and cryptocurrency after hacking into these companies and infecting their software with malicious code.
CrowdStrike said hackers are also breaching AI development platforms for conducting ransomware attacks and deceiving people into parting with their credentials by tricking them into thinking dodgy AI servers are real online services.
AI continues to be a big focus for nation-state hackers, too. According to CrowdStrike, Russia-nexus FANCY BEAR used large language models for deploying malware. Doing so enabled them to spy on victims and steal documents by automated means.
Chinese-linked hackers also see the benefits of AI technology for hacking, with the tech leading to a 38 per cent increase in China-nexus activity. The logistics industry was their biggest focus in 2025; attacks targeting this sector grew by 85 per cent. In 67 per cent of attacks conducted by Chinese-linked threat actors, system access was immediate. And a further 40 per cent of their attacks impacted internet edge devices.
In North Korea, hacking also continues to increase thanks to AI technology. CrowdStrike detected a 120 per cent increase in cybercrime perpetrated by hackers with links to the North Korean regime.
2025 was a busy year for FAMOUS CHOLLIMA, in particular, with its hacking campaigns increasing twofold. It masterminded the biggest ever financial robbery, totalling $1.46 billion of stolen cryptocurrency.
Besides AI cyber attacks, zero-day and cloud exploits also increased in 2025. CrowdStrike found that hackers exploited zero-day vulnerabilities before they were made public by the affected companies 42 per cent of the time. Meanwhile, there was a 37 per cent growth in cloud-based cyber attacks.
Adam Meyers, head of counter adversary operations at CrowdStrike, said: “This is an AI arms race. Breakout time is the clearest signal of how intrusion has changed.
“Adversaries are moving from initial access to lateral movement in minutes. AI is compressing the time between intent and execution while turning enterprise AI systems into targets. Security teams must operate faster than the adversary to win.”
