Cyber Security

How AI has emerged as a triple edged sword in cybersecurity

By Richard Lindsay, Principal Advisory Consultant at Orange Cyberdefense

Defenders and attackers alike have long used AI, cementing the technology as a double-edged sword. However, a third edge has started to emerge: AI as an attack surface for organisations to protect, and criminals to exploit.  

Attackers are now increasingly using AI to boost the efficiency and scalability of attacks, and this has accelerated the industrialisation of the cybercrime landscape. And now, beyond being used as a weapon or tool, AI has become an attack vector in its own right.  

However, the same AI algorithms that underpin criminal campaigns can also help equip organisations to defend themselves.  

An evolving landscape of AI-powered threats   

AI undoubtedly has immense potential for innovation. However, it has also been hijacked by cybercriminals as a tool to execute more sophisticated attacks. For instance, threat actors like Storm-0817 leverage AI to assist in malware development and social media scraping, and groups like the Black Basta collective use AI to create emails across multiple languages to expand their global reach. An example of this would be OpenAI’s recent disruption of malicious operations that were misusing its models to create malware, conduct phishing attacks, and disseminate disinformation.  

Cybercriminals not only appear to be using AI as an assistive tool, but also as a way to fully automate cyber attacks. This was seen late last year, when Anthropic announced its disruption of the first reported AI-orchestrated cyber espionage campaign. During this attack, Anthropic’s agentic AI tool Claude Code was manipulated to intrude on global targets and conduct automated reconnaissance. 

The emergence of Anthropic’s Mythos also points to a potentially even more disruptive development: AI systems that can identify and help exploit previously unknown vulnerabilities. Although currently restricted to vetted users, such capabilities suggest that this vulnerability discovery may soon accelerate well beyond the pace many organisations are prepared to manage. 

As attackers develop skills and competence in their use of AI, it is increasingly likely that sophisticated attacks will become more frequent. 

The double-edged sword becomes a triple threat 

The double-edged sword as we have known it pertains specifically to the use of AI as a tool, like a weapon or shield. The third edge of the sword represents a shift to AI instead becoming a handle for attackers to steer an organisation’s own infrastructure against itself, whether through attackers exploiting plugins used to connect AI tools to enterprise data, or via ‘hijacking’ an AI assistant. As agentic AI becomes increasingly the norm, we will see this more and more.  

This can be seen in the 2025 compromise of the “Drift” AI module linked to Salesloft, which resulted in the theft of Salesforce data from several hundred organisations, including multiple security vendors. During this campaign, the data of Salesforce customers from several hundred organisations, including multiple security vendors, was harvested. The silent data exfiltration during the recent “EchoLeak” campaign against Microsoft 365 Copilot is another example of how emails can deliver malicious instructions to embedded AI assistants. 

This third edge has also been sharpened by the growing problem of Shadow AI, where employees use unauthorised AI tools. This creates an insecure system where confidential and sensitive corporate information is sometimes fed into public models, which can in turn lead to security breaches, data leakage and regulatory concerns.  

Beyond the AI binary of attack and defence  

First and foremost, despite its risks, AI should not be avoided by companies. It offers significant benefits for productivity, offering systems and tools that boost efficiencies for individuals and vast teams alike. When used correctly, with the appropriate protections in place, AI has a great deal to offer. But the benefits must be balanced with the risks. A security-first, human-centric approach should be implemented – keeping humans in the loop for important decision making. This ‘Secure AI’ approach is a transparent system that is compliant with regulation, explainable and meets an organisation’s unique IT needs and company ambitions.  

AI’s neutrality, while making it vulnerable to exploitation, is also a silver lining – because the very same algorithms that can power cyber attacks can also be used to bolster organisations’ defence systems. For instance, where traditional cybersecurity methods fall short, defensive AI can assist in identifying ‘beaconing’ behaviour through pattern recognition, as well as raising discrepancies and anomalies through real-time notifications and enabling prompt investigation alongside required action. Machine learning can also be used in autonomous threat detection and response initiatives.  

Mythos also illustrates AI’s defensive potential. Used in a controlled setting, advanced models may help trusted organisations identify and fix weaknesses in critical software before threat actors can exploit them, reinforcing the case for a secure, human-led adoption model. 

AI’s risk-reward ratio  

The idea of the ‘silver bullet’ in cybersecurity is a myth. AI, like any tool, is prone to misuse and can be poisoned or hijacked. It is subject to the intention of its user, and this dictates its risk-reward ratio.  

To counter this risk, defenders must be trained on the testing of AI systems, and must always remain in the decision making loop to execute what AI cannot adequately do. 

The strategic challenge is not only what AI can discover, but whether organisations can remediate at speed. As AI models shorten the path from vulnerability discovery to exploitation, patching capacity and governance maturity will become even more important. 

As the industrialisation of cybercrime continues to accelerate, success won’t be found in chasing the AI hype alone, but in blunting the technology’s new third edge.  

Author

Related Articles

Back to top button