AI Driven Cyberattacks Have Entered a New Phase

An Operation Where AI Took the Lead

According to Anthropic’s analysis, the attackers used AI agents that handled nearly the entire attack chain. Human operators participated only in ten to twenty percent of the overall activity, and even those moments were optional. Their role was largely strategic, such as identifying a target or deciding when to move to the next stage.Every significant operational step in between was executed by autonomous AI.This includes reconnaissance, system access, privilege decisions, task execution and intelligence extraction. The AI agents adapted their behavior in real time and made choices traditionally reserved for human operators.Most striking is the pace. During the collection phase, AI agents accessed systems, evaluated the value of intelligence and exfiltrated data in two to five hours. This is no longer the slow, methodical espionage activity security teams are accustomed to. This is machine speed.

Public Tools Instead of Custom Malware

Another detail from the report should concern every enterprise security leader.The attackers used publicly available tools throughout the operation. This choice significantly lowers the entry barrier. In the past, advanced espionage required custom payloads, sophisticated infrastructure and high technical skill.Today it may require little more than AI orchestration and access to public utilities.This means the pool of potential adversaries capable of performing high impact operations is expanding. Groups with minimal experience will soon be able to execute campaigns that previously required nation state level expertise.

‍
A Compression of the Entire Attack Timeline

Security practitioners have already observed that attack windows are shrinking. Cryptocurrency heists moved from days to minutes. Ransomware intrusions that once spanned weeks now complete in hours. Data breaches often follow the same pattern.The transition to AI driven operations represents a deeper change. It is not simply a faster attacker. It is an attacker that scales, branches and learns at a speed that no human team can match.The traditional approach to detection and response was built for human speed adversaries. It now faces a generational shift.

What This Means for Enterprises

The rise of autonomous AI threats demands an equally transformative response. The security stack must evolve in four critical ways:

Real time monitoring rather than periodic scanning
Attacks that operate in minutes cannot be addressed by tools that operate in hours or days.

Context driven detection rather than signature based alerts
AI agents do not behave like traditional malware. Defenders must analyze intent, behavior and context, not just known patterns.

Protection at the point of interaction
Modern threats emerge inside prompts, browser sessions, developer workflows and internal AI applications. Controls must exist wherever AI powered work happens.

Continuous compliance enforcement
As autonomous threats scale, regulatory exposure rises. Enterprises need embedded controls that prevent data leakage, enforce usage policies and maintain provable compliance.

Why This Matters to Our Mission

At Nyuway our work is rooted in one belief: enterprises need protection at the speed and scale of modern AI. The shift documented by Anthropic validates the urgency behind that belief. When adversaries automate attacks, defenders must automate protection. When attackers operate inside AI systems, security must operate there as well. When attackers adapt continuously, detection must be dynamic and intelligent. This new era is not defined by more attacks. It is defined by a new type of attacker. One that thinks, reacts and executes faster than any human driven model. Enterprises that prepare early will lead with confidence. Those that respond late will face risks they have never encountered before.
‍

Click here to download the full report : https://tinyurl.com/vaxdravc