The rising threat of AI Agents in cybersecurity: What businesses must know

The tech world is buzzing with excitement over the potential of AI "agents" that can autonomously execute tasks, but for cybersecurity professionals, these AI agents pose a significant new challenge. As we move into 2025, security experts are sounding alarms about the potential dangers posed by "agentic" AI tools—systems capable of performing multi-step problem-solving and acting independently. These agents could become one of the most formidable threats to organizations worldwide, making cybercrime more sophisticated and relentless than ever before.

'Watch out for AI Agents.'

Surasak Suwanmake/Getty Images

While the hype surrounding generative AI tools like OpenAI's GPT models has yet to manifest in catastrophic levels of AI-driven hacks, the introduction of autonomous AI agents marks a critical turning point. These tools represent an upgrade for cybercriminals, shifting their role from passive assistants to active, tireless collaborators. The fear is that these AI agents could overwhelm cybersecurity defenses, escalating the frequency and severity of cyberattacks at a time when security teams are already stretched thin.

Mark Stockley, a cybersecurity evangelist at Malwarebytes, explains that AI agents could lead to a surge in “big game” attacks—targeting high-profile companies with massive financial resources. These attacks, previously limited by the human workforce's capabilities, could now scale dramatically with the help of AI agents. "AI agents could dramatically expand big game ransomware attacks, allowing cybercriminals to bypass the scaling problems they’ve traditionally faced," Stockley warns.

Recent research from Google's Threat Analysis Group underscores the growing complexity of cybercrime. Increasing collaboration between criminal hackers and nation-state actors, as well as the growing resilience of the cybercrime ecosystem, makes it more difficult for law enforcement to disrupt malicious activity. Sandra Joyce, VP of Google Threat Intelligence, notes that the cybercrime marketplace has made all actors replaceable, highlighting the challenge of tackling these persistent threats.

The Velocity of Risk: How AI is Changing the Cybersecurity Landscape

Experts agree that current AI models are already becoming powerful tools for malicious cybersecurity activities. OpenAI's February 2024 report highlights the shift from incremental advancements to more robust AI capabilities in cybercrime. As AI tools for software development evolve, so too will the vulnerabilities that hackers can exploit, leading to a rise in bad code and more potential entry points for cyberattacks.

Jeff Williams, co-founder and CTO of software security firm Contrast Security, emphasizes that AI-generated code will inherit the flaws of its training data, leading to an increase in vulnerabilities. "More code, more vulnerabilities, more velocity, and more risk for consumers," Williams warns.

Malwarebytes' Stockley also points out that AI agents could tip the balance in favor of cybercriminals. Traditionally, ransomware attacks have been limited by the number of skilled hackers available, but AI agents could easily scale these efforts, making high-profile attacks more common and harder to stop.

AI-Driven Cyberattacks: Phishing, Ransomware, and Beyond

AI agents will enable hackers to launch more convincing and widespread attacks. Take email phishing, for example: generative AI can now create highly realistic phishing lures, making it harder for victims to detect fraud. While these attacks may become more believable, the real game-changer is the use of AI agents to guide cybercriminals after a successful scam. These agents could assist hackers in turning a simple malicious click into a profitable enterprise, automating much of the process and significantly expanding the scope of attacks.

For businesses to stay ahead of the curve, Stockley suggests investing in automation to minimize attack surfaces and allow security teams to focus on more complex tasks. In the long term, companies may need to implement AI-driven cybersecurity tools to counteract the growing threat posed by AI-powered cybercriminals.

Growing Concerns About State-Sponsored Cybercrime

A worrying trend is the increasing involvement of state-backed actors in cybercrime. The overlap between nation-state espionage activities and financially motivated cyberattacks is becoming more pronounced. Russia, for instance, has used the RomCom cybercrime group for espionage during its invasion of Ukraine, while countries like Iran and North Korea use ransomware attacks to fund their activities. As these state-backed hackers often have far more resources than typical cybercriminals, businesses must be prepared for the possibility of facing highly sophisticated attacks.

Google’s report highlights that the sheer volume of financially motivated cyberattacks is putting a strain on defenders worldwide, diminishing their readiness and contributing to burnout among cybersecurity professionals. For businesses, this escalating threat presents an urgent need to modernize their security infrastructure. Legacy systems remain a common target for both ransomware gangs and state-backed actors, making system updates an essential first line of defense.

Protecting Your Organization from AI-Powered Cyber Threats

The emergence of AI agents in cybercrime signals a significant shift in the cybersecurity landscape. As these tools evolve, businesses must adapt by investing in advanced security measures, including AI-driven defense mechanisms, to protect their assets and data. Proactive measures, such as modernizing legacy systems and integrating automation, will be crucial in staying ahead of increasingly sophisticated cybercriminal tactics.

As AI continues to reshape the future of cybersecurity, organizations must remain vigilant and prepare for the next generation of cyber threats driven by autonomous, agentic AI systems.