📊 Full opportunity report: The Frameworks Can’t See the Thing That Matters: A Year of AI-Enabled Cyber Threats on ThorstenMeyerAI.com — validation score, market gap, and execution plan.
TL;DR
A year-long analysis shows AI is increasing cyberattack sophistication and blurring threat distinctions. Traditional metrics no longer reliably identify dangerous actors, raising new security challenges.
New research from Anthropic reveals that AI is enabling cyberattackers to become more dangerous, with traditional threat assessment methods losing their predictive power. The report analyzes 832 banned malicious accounts over a year, showing how AI use has shifted attack techniques and blurred distinctions between skilled and novice actors.
Anthropic’s analysis of 832 malicious accounts banned between March 2025 and March 2026 indicates that AI is increasingly used to prepare and execute cyberattacks. The most common application is malware creation, used by 67.3% of actors, with smaller groups employing AI for complex tasks like lateral movement within networks. Over the year, the proportion of actors engaging in higher-risk activities increased from 33% to 56%, signifying a significant escalation in threat sophistication.
Moreover, AI’s role has shifted from initial access techniques, such as phishing, toward post-breach activities like account discovery and lateral movement. This transition suggests attackers are relying more on AI for operational tasks once inside a network, making even less skilled actors capable of executing advanced maneuvers previously limited to experts. This democratization of attack capabilities challenges existing threat models, which traditionally linked attacker skill to the number of techniques used or tools employed.
The frameworks can’t see the thing that matters
For decades, danger meant which techniques an attacker commands. A year of real AI-enabled attacks — 832 banned accounts mapped onto MITRE ATT&CK — shows that signal breaking, just as a new, harder-to-see one takes over.
A year of real misuse, mapped to the standard taxonomy
A window, not a census — these are the cases with enough detail to assess techniques thoroughly. Inside it, the risk level climbed fast.
WHAT WAS STUDIED
THE RISK CLIMB · MEDIUM-OR-HIGHER ACTORS
Artificial Intelligence for Cybersecurity: Develop AI approaches to solve cybersecurity problems in your organization
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
“More techniques” stopped meaning “more dangerous”
The old heuristic: count the techniques, judge the tooling. AI dissolved it — because the model supplies the techniques either way. Watch the old signal fail, then watch what it misses.
Risk score vs. technique count
Two ways to read the same attacker. One is going blind. Press play.
Cyber Threat Intelligence: A Hands-On Guide to Threat Modeling, Intelligence Gathering, Forensics, and Operational Security Workflows (Rheinwerk Computing)
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Deeper into the attack — and into less-skilled hands
Across the year, AI use drifted from getting in toward acting once already inside — the operationally demanding stages that used to require an expert.
The attack lifecycle · where AI is now applied
The center of gravity moved right — toward post-compromise work.
The Practice of Network Security Monitoring: Understanding Incident Detection and Response
Used Book in Good Condition
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
From “what they know” to “what they’ve built”
The report sorts the signals into three tiers — one dead, one fading, one durable.
Technique count & tooling
16 vs. 20 between novice and expert; platform doesn’t correlate. The model supplies the techniques either way.
Where in the lifecycle AI is applied
Concentrating on operationally demanding, post-compromise stages is a better signal — but it’s eroding as the whole population heads there.
The scaffolding around the model
Architectures that let the model chain stages and run with minimal human input. Not what they know — whether they’ve built a system that lets AI run the attack.
Effective Threat Investigation for SOC Analysts: The ultimate guide to examining various threats and attacker techniques using security logs
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Fixing the map before the territory moves again
A taxonomy that can’t name the most dangerous behavior on the field will quietly mislead the people relying on it. The response runs in two directions.
Fed back into the models
The findings informed safeguards on the most capable models, built to detect & block some of what was observed:
- Blocking malware development
- Blocking mass data exfiltration
- Putting tools in defenders’ hands first (Project Glasswing)
Taking it to the source
Following the Verizon work, Anthropic says it’s in discussions with MITRE about how ATT&CK might evolve:
- A vocabulary for agentic orchestration
- Naming the scaffolding that makes a model an operator
- An interactive technique visualization on the Red blog
Reading it in proportion
- The 832 cases are a detailed subset, not the full population — the precise percentages are directional, not definitive.
- “More autonomous” is not “fully autonomous” — even the standout case needed human input at key moments, which is itself a place for defenders to intervene.
- This is one vendor’s window — the company with visibility into misuse of its own model, publishing what it found. The right thing to do with the data, and worth remembering as you read it.
Erosion of Traditional Threat Assessment Metrics
The findings indicate that conventional indicators—such as the number of techniques or specific tools—are no longer reliable for assessing attacker danger. AI’s ability to perform complex tasks reduces the gap between skilled and unskilled actors, complicating threat ranking and response prioritization. This shift could lead to underestimating risks posed by seemingly less sophisticated actors, as their use of AI enables them to execute operations previously thought beyond their reach.
AI’s Growing Role in Cyberattack Evolution
For decades, security professionals relied on the assumption that more techniques and advanced tools signaled a more dangerous attacker. The recent analysis from Anthropic demonstrates that AI is transforming this landscape by automating complex tasks and enabling broader participation in high-level attack activities. This trend is part of a broader evolution in cyber threats, where AI acts as an equalizer, lowering the skill barrier for sophisticated attacks.
Prior to this, threat models focused on actor skill levels, with threat assessments based on observable techniques and tools. The rise of AI-assisted attacks disrupts this paradigm, requiring new approaches to threat detection and attribution. The shift also aligns with other recent reports indicating increased use of AI in malicious activities, but the Anthropic data provides the first comprehensive look at how this impacts threat evaluation.
“Our analysis shows that the link between attacker skill and observable techniques is breaking down, requiring new metrics for threat assessment.”
— Anthropic research team
Unclear Impact of AI on Threat Attribution Accuracy
While the report demonstrates how AI is broadening attack capabilities, it remains unclear how security teams will adapt their threat assessment models to account for these changes. The precise effectiveness of new detection strategies that could replace traditional metrics is still under investigation, and it is not yet known how quickly organizations will implement these adaptations.
Adapting Threat Models and Detection Strategies
Security researchers and organizations are expected to develop new frameworks that better account for AI-driven attack techniques. Further studies will likely focus on identifying reliable indicators of threat level beyond technique counts and tool usage. Meanwhile, threat intelligence sharing and AI-specific detection tools are anticipated to become critical components of cybersecurity defenses in 2026 and beyond.
Key Questions
How does AI make attackers more dangerous?
AI automates complex attack tasks such as lateral movement and account discovery, enabling less skilled actors to perform high-level operations that previously required expertise.
Why are traditional threat assessment methods no longer effective?
Because AI allows attackers to perform sophisticated techniques regardless of their skill level, the correlation between the number of techniques used and threat danger has broken down.
What can organizations do to adapt to this new threat landscape?
Organizations need to develop new detection and attribution strategies that focus on operational signals and attack scaffolding, rather than just technique counts or tool types.
Is this trend likely to continue or accelerate?
Given current developments, AI’s role in cyberattacks is expected to grow, making it essential for cybersecurity defenses to evolve rapidly to keep pace.
What are the biggest challenges in addressing AI-enabled threats?
Key challenges include developing reliable new metrics for threat severity, integrating AI detection tools, and countering the democratization of advanced attack techniques.
Source: ThorstenMeyerAI.com
