February 26, 2026
AI Safety Regulation Geopolitics EN / FR
INHUMAIN.AI
The Watchdog Platform for Inhuman Intelligence
Documenting What Happens When Intelligence Stops Being Human
AI Incidents (2026): 847 ▲ +23% | Countries with AI Laws: 41 ▲ +8 YTD | HUMAIN Partnerships: $23B ▲ +$3B | EU AI Act Fines: €14M ▲ New | AI Safety Funding: $2.1B ▲ +45% | OpenAI Valuation: $157B ▲ +34% | AI Job Displacement: 14M ▲ +2.1M | HUMAIN Watch: ACTIVE 24/7 | AI Incidents (2026): 847 ▲ +23% | Countries with AI Laws: 41 ▲ +8 YTD | HUMAIN Partnerships: $23B ▲ +$3B | EU AI Act Fines: €14M ▲ New | AI Safety Funding: $2.1B ▲ +45% | OpenAI Valuation: $157B ▲ +34% | AI Job Displacement: 14M ▲ +2.1M | HUMAIN Watch: ACTIVE 24/7 |
SECTORS

AI and Cybersecurity: The Attacker's Best Friend, The Defender's Last Hope

An investigation into the dual-use nature of AI in cybersecurity — AI-powered phishing, deepfake social engineering, automated vulnerability discovery, defensive AI, nation-state cyber operations, critical infrastructure risks, disinformation campaigns, and the quantum computing intersection.

INHUMAIN.AI Editorial · February 26, 2026 · 23 min read

The Arms Race Nobody Can Afford to Lose

Cybersecurity has always been an arms race. Attackers develop new techniques; defenders build new walls; attackers find ways around them. For decades, this cycle moved at human speed — researchers discovering vulnerabilities, hackers exploiting them, security teams patching them, sometimes over weeks or months.

AI has compressed this cycle to hours. In some cases, minutes. And the compression is asymmetric: AI amplifies offensive capabilities faster than defensive ones, because attacking a system requires finding one weakness while defending it requires closing every weakness. The mathematics of this asymmetry have always favored attackers. AI makes the imbalance worse.

The global cost of cybercrime reached an estimated $10.5 trillion annually in 2025, according to Cybersecurity Ventures. That figure is expected to exceed $15 trillion by 2030 as AI supercharges both the sophistication and scale of attacks. The cybersecurity industry, valued at approximately $200 billion, is growing at 12-15% annually — and still falling behind.

This is the sector where AI’s dual-use nature is most starkly visible. The same language model that helps a security analyst write detection rules helps an attacker craft undetectable phishing emails. The same image generation model that creates marketing content creates deepfake identity documents. The same reinforcement learning system that optimizes network defense optimizes network infiltration.

AI-Powered Offense: The Attacker’s Toolkit

Automated Phishing at Scale

Phishing remains the most common initial attack vector, responsible for approximately 36% of all data breaches according to Verizon’s 2025 Data Breach Investigations Report. AI has transformed phishing from a crude, mass-blast technique into a precision instrument.

Traditional phishing relied on generic messages sent to thousands of targets, hoping that a small percentage would click. The messages were often poorly written, generically addressed, and relatively easy to detect. AI-powered phishing is different in kind:

  • Personalization: Large language models scrape targets’ social media profiles, professional histories, and communication patterns to generate messages that reference specific colleagues, projects, and personal details. A 2025 study by cybersecurity firm SlashNext found that AI-generated phishing emails had click-through rates 3-4 times higher than traditional phishing.

  • Linguistic sophistication: AI-generated phishing messages are grammatically flawless, stylistically appropriate, and contextually relevant. The telltale signs that trained users to recognize phishing — broken English, generic greetings, implausible urgency — are absent.

  • Scale: A single attacker with access to an LLM can generate thousands of unique, personalized phishing messages per hour. The economics of phishing have shifted from labor-intensive (researching individual targets) to capital-intensive (computing resources for AI generation).

  • Voice phishing (vishing): AI voice cloning tools from ElevenLabs, Resemble AI, and others enable attackers to replicate the voice of a target’s manager, family member, or colleague. In 2024, a Hong Kong finance worker transferred $25 million after a video call with what appeared to be the company’s CFO — actually a real-time deepfake.

Deepfake Social Engineering

Deepfake technology has moved social engineering attacks from text-based deception to multimedia deception. The $25 million Hong Kong case was not isolated. The FBI reported a significant increase in deepfake-facilitated business email compromise attacks in 2025, with losses exceeding $2 billion.

The attack pattern is evolving rapidly:

Attack Vector AI Enhancement Detection Difficulty
Email phishing LLM-generated personalized text Medium (behavioral analysis)
Voice phishing Real-time voice cloning High (minimal detection tools)
Video call impersonation Real-time deepfake video Very High (emerging detection)
Identity document fraud AI-generated fake IDs High (document verification failing)
Social media manipulation AI-generated fake profiles Very High (platform detection limited)

Automated Vulnerability Discovery

AI is accelerating the discovery of software vulnerabilities — a capability with profound dual-use implications. Google’s Project Zero and DeepMind have used AI to discover previously unknown vulnerabilities in widely used software. In 2024, Google reported that an AI system discovered a vulnerability in SQLite, a database engine used by billions of devices, before any human researcher identified it.

DARPA’s AI Cyber Challenge (AIxCC), launched in 2023, explicitly funds the development of AI systems that can discover and patch vulnerabilities autonomously. The 2024 competition at DEF CON demonstrated that AI systems could find and fix vulnerabilities in complex codebases faster than human security researchers in some categories.

The offensive implication is clear: the same technology that discovers vulnerabilities for patching discovers them for exploitation. Nation-state actors and sophisticated criminal groups are investing heavily in AI-powered vulnerability research, seeking zero-day exploits that can penetrate targets before patches exist.

AI Malware

AI is enabling new categories of malware that adapt to defensive measures in real time:

  • Polymorphic malware: AI-generated malware that rewrites its own code to evade signature-based detection, producing functionally identical variants with entirely different binary signatures.
  • Adversarial evasion: Malware that uses adversarial machine learning techniques to fool AI-based detection systems, subtly modifying its behavior to stay below detection thresholds.
  • Context-aware malware: AI-powered malware that analyzes the target environment before deploying its payload, waiting for optimal conditions and mimicking legitimate behavior to avoid behavioral detection.

A 2025 report from Palo Alto Networks’ Unit 42 threat intelligence team documented a 300% increase in AI-enhanced malware samples detected in the wild between 2023 and 2025, with particular growth in polymorphic variants designed to evade next-generation endpoint detection platforms.

AI-Powered Defense: The Security Analyst’s Force Multiplier

Threat Detection and Response

Defensive AI is not new — machine learning-based threat detection has been a standard cybersecurity tool for over a decade. Network anomaly detection systems from Darktrace, Vectra AI, and CrowdStrike use unsupervised learning to establish baseline behavior patterns and flag deviations that may indicate intrusion.

What has changed is the sophistication and scale of defensive AI:

  • Behavioral analytics: Modern Security Information and Event Management (SIEM) platforms from Splunk, Microsoft Sentinel, and Google Chronicle use AI to correlate events across thousands of data sources, identifying attack patterns that no human analyst could detect in real time.
  • Automated investigation: AI-powered Security Orchestration, Automation, and Response (SOAR) platforms automatically triage alerts, gather contextual information, and execute response playbooks, reducing mean time to respond from hours to minutes.
  • Threat intelligence: AI systems process millions of indicators of compromise (IOCs), malware samples, and threat reports daily, identifying emerging threats and automatically updating defenses.

The SOC Transformation

The Security Operations Center (SOC) — the nerve center of organizational cybersecurity — is being transformed by AI. Traditional SOCs process thousands of alerts daily, the vast majority of which are false positives. Human analysts spend 80% of their time triaging alerts rather than investigating genuine threats.

AI-powered SOC tools from companies like SentinelOne, CrowdStrike, and Palo Alto Networks have reduced alert volumes by 70-90% through intelligent triage, while simultaneously improving detection of genuine threats. The result is a SOC staffed by fewer analysts who focus on complex investigations rather than alert processing.

SOC Metric Pre-AI (2020) AI-Enhanced (2026) Change
Daily alert volume per analyst 500-1,000 50-100 (after AI triage) -90%
Mean time to detect (MTTD) 207 days 72 days -65%
Mean time to respond (MTTR) 73 days 21 days -71%
False positive rate 80-95% 40-60% -40%
Analyst burnout rate Very High Moderate Improved

The Detection-Evasion Spiral

The fundamental challenge of defensive AI mirrors the broader AI safety problem: adversarial robustness. AI detection systems are vulnerable to adversarial attacks — inputs specifically crafted to cause misclassification. An attacker who understands the architecture and training data of a defensive AI system can craft attacks designed to evade it.

This creates an escalating spiral: defenders deploy AI detection, attackers develop AI evasion, defenders retrain models to detect evasion, attackers develop new evasion techniques. Each cycle increases the sophistication of both sides and the cost of participation, which disadvantages smaller organizations that cannot afford the latest defensive AI while sophisticated attackers continually improve their tools.

Nation-State AI Cyber Operations

The Big Four

Nation-state cyber operations — conducted by the United States, China, Russia, and increasingly Iran, North Korea, and Israel — have integrated AI into their capabilities:

  • China: The People’s Liberation Army Strategic Support Force has invested heavily in AI-powered cyber operations. Chinese APT groups (Advanced Persistent Threat actors) have been observed using AI for automated reconnaissance, vulnerability exploitation, and data exfiltration. Microsoft and CrowdStrike reported in 2025 that Chinese state-sponsored groups were using LLMs to generate social engineering content and develop exploitation tools.

  • Russia: Russian intelligence services, particularly the GRU and FSB, have deployed AI for disinformation operations, election interference, and critical infrastructure targeting. The SolarWinds campaign, while not AI-powered, represented the sophistication of Russian operations; subsequent campaigns have incorporated AI for evasion and persistence.

  • United States: U.S. Cyber Command and the NSA have invested significantly in AI-powered offensive and defensive capabilities. The Pentagon’s Joint Artificial Intelligence Center (JAIC), reorganized as the Chief Digital and Artificial Intelligence Office (CDAO), coordinates military AI development including cyber operations.

  • North Korea: The Lazarus Group and related North Korean cyber units have used AI tools for cryptocurrency theft, ransomware development, and social engineering targeting of defense contractors and financial institutions. North Korean cyber operations generate an estimated $1.5-$3 billion annually for the regime.

The Attribution Problem

AI complicates cyber attribution — the already-difficult task of identifying who is responsible for a cyberattack. AI-generated attack tools can mimic the tactics, techniques, and procedures (TTPs) of other threat actors, creating false flag operations of unprecedented sophistication. AI-assisted operations can be conducted from shared infrastructure, using tools available to multiple actors, making definitive attribution nearly impossible in many cases.

This attribution challenge has profound implications for deterrence. If a nation cannot reliably determine who attacked it, it cannot credibly threaten retaliation, and the deterrent value of offensive cyber capabilities is diminished.

Critical Infrastructure: The Catastrophic Scenario

The Convergence of IT and OT

The digitization of critical infrastructure — power grids, water systems, transportation networks, telecommunications, financial systems — has created an attack surface of enormous consequence. Operational Technology (OT) systems that control physical infrastructure were historically isolated from information technology (IT) networks. That isolation has eroded as organizations pursue efficiency through digital integration.

AI amplifies the risk to critical infrastructure in several ways:

  • Attack sophistication: AI enables attackers to develop tailored attacks against industrial control systems (ICS) and SCADA (Supervisory Control and Data Acquisition) systems that account for the specific configurations and behaviors of target infrastructure.
  • Scale: AI-powered attacks can simultaneously target multiple infrastructure systems, overwhelming defensive resources and creating cascading failures.
  • Speed: AI-powered attacks can operate faster than human defenders can respond, exploiting the gap between detection and response.

Documented Incidents

The threat is not theoretical. The 2015 and 2016 cyberattacks on Ukraine’s power grid, attributed to Russian actors, demonstrated that cyberattacks can cause real-world infrastructure disruption. The 2021 Colonial Pipeline ransomware attack shut down the largest fuel pipeline in the United States for six days, causing fuel shortages across the East Coast. The 2023 attack on a water treatment facility in Oldsmar, Florida, temporarily altered chemical treatment levels to potentially dangerous concentrations.

None of these attacks used advanced AI. The concern is what happens when the sophistication of nation-state actors and the enabling power of AI are brought to bear against infrastructure targets. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified AI-powered attacks on critical infrastructure as a top-tier national security threat.

AI and Disinformation Campaigns

The Industrialization of Falsehood

AI has industrialized the production of disinformation. The resources required to create convincing fake content — text, images, audio, video — have dropped by orders of magnitude. A state-sponsored disinformation campaign that once required a building full of human operatives (Russia’s Internet Research Agency employed hundreds) can now be operated by a small team with access to generative AI tools.

The characteristics of AI-powered disinformation that make it particularly dangerous:

  • Volume: AI can generate millions of unique social media posts, comments, and articles, overwhelming fact-checking resources and platform moderation.
  • Personalization: AI can tailor disinformation to specific audiences based on demographic data, political affiliation, and psychological profiles, maximizing persuasive impact.
  • Multimedia: AI-generated images, audio, and video add false credibility to fabricated narratives in ways that text alone cannot.
  • Adaptability: AI systems can monitor the performance of disinformation campaigns in real time and adjust messaging, targeting, and content to maximize engagement and impact.

The Platform Response

Social media platforms have deployed AI-powered content moderation to combat disinformation, with mixed results. Meta’s AI moderation systems process billions of posts daily and claim to remove 97% of hate speech before it is reported by users. But adversarial disinformation is specifically designed to evade automated detection, and the accuracy of AI content moderation for nuanced disinformation (as opposed to obvious hate speech) remains limited.

The fundamental problem is that AI-generated disinformation and AI-powered detection are trained on similar architectures and data, creating a symmetric arms race with no clear endpoint. Detection will always be playing catch-up, because detection requires identifying known patterns while disinformation requires only creating new ones.

The Cybersecurity Workforce Gap

The Numbers

The global cybersecurity workforce shortage stands at approximately 4 million unfilled positions as of 2026, according to (ISC)2. The United States alone has over 750,000 unfilled cybersecurity positions. The gap has grown every year for over a decade despite massive investment in cybersecurity education and training.

AI is simultaneously the cause and the potential solution. AI increases the sophistication and volume of threats, requiring more skilled defenders. But AI also automates routine defensive tasks, allowing existing defenders to operate more effectively. The net effect is debated: pessimists argue that AI-powered threats will outpace AI-powered defenses, widening the effective gap. Optimists argue that AI automation will reduce the need for routine security analysts while creating demand for fewer but more skilled AI security specialists.

The Skills Transformation

The cybersecurity skills required are shifting. Traditional skills — network monitoring, incident response, malware analysis — remain essential but are increasingly augmented by AI. Emerging skills — AI/ML security, adversarial machine learning, AI system auditing, prompt injection defense — are in extreme demand with virtually no established training pipeline.

Universities and training organizations are scrambling to develop curricula that combine cybersecurity fundamentals with AI competency. SANS Institute, Offensive Security, and (ISC)2 have all launched AI-specific cybersecurity certifications. But the pace of AI advancement outstrips the pace of educational program development, ensuring that the skills gap will persist for years.

Quantum Computing: The Looming Disruption

The Cryptographic Threat

Quantum computing does not exist at scale today, but its eventual arrival poses a fundamental threat to cybersecurity. Most current encryption — RSA, elliptic curve cryptography, Diffie-Hellman key exchange — relies on mathematical problems that are computationally intractable for classical computers but solvable by sufficiently powerful quantum computers.

The timeline for quantum computers capable of breaking current encryption is debated. IBM, Google, and other quantum computing developers project that error-corrected quantum computers with sufficient qubit counts to threaten RSA-2048 may be available by 2030-2035. Some researchers believe this timeline is optimistic; others argue it is conservative.

Harvest Now, Decrypt Later

The most immediate quantum threat is not future decryption but present data collection. Nation-state actors are believed to be harvesting encrypted data now — classified communications, financial records, intellectual property — with the intention of decrypting it when quantum computers become available. This “harvest now, decrypt later” strategy means that data encrypted today may not be secure tomorrow.

Post-Quantum Cryptography

The response is the development and deployment of post-quantum cryptography — encryption algorithms that resist quantum attacks. In 2024, NIST finalized its first post-quantum cryptographic standards: CRYSTALS-Kyber (key encapsulation) and CRYSTALS-Dilithium (digital signatures). The migration to post-quantum cryptography has begun across government and financial systems, but the full transition will take years to decades.

AI intersects with quantum cybersecurity in multiple ways. AI is being used to optimize quantum error correction, accelerate quantum algorithm development, and identify vulnerabilities in post-quantum cryptographic implementations. The convergence of AI and quantum computing could create capabilities — both offensive and defensive — that are difficult to predict with current understanding.

The Dual-Use Dilemma

The fundamental challenge of AI in cybersecurity is that the same capabilities serve attackers and defenders. There is no purely defensive AI technology; every defensive capability can be repurposed offensively, and every offensive capability provides insight for defense.

This dual-use nature makes regulation exceptionally difficult. Restricting access to AI cybersecurity tools hampers defenders without meaningfully constraining attackers, who operate outside legal frameworks. Open-sourcing defensive AI tools improves collective security but simultaneously educates attackers. Export controls on AI cyber capabilities protect domestic interests but fragment global defensive cooperation against shared threats.

The cybersecurity community’s best hope is not to win the AI arms race but to ensure that defense maintains parity with offense — that AI-powered detection evolves as fast as AI-powered evasion, that AI-assisted patching closes vulnerabilities as fast as AI-assisted exploitation discovers them, and that the cybersecurity workforce develops AI competency faster than the attacker ecosystem exploits it.

Whether this hope is realistic or optimistic delusion remains the defining question of AI cybersecurity. For how these dynamics compare to AI disruption across other sectors, see our AI Sector Impact Overview. For the geopolitical dimensions of AI cyber competition, see our AI Regulation Global Tracker. For how sovereign AI strategies like HUMAIN intersect with cybersecurity concerns, see our HUMAIN Tracker.

In This Article
Related Articles