The Rise of AI-driven Cyber Attacks


It is hard to deny the adaptability that AI has provided cybersecurity intruders as a number of high profile crimes has occurred with multipronged attacks across the tech stack as well as towards human employees. The biggest AI-driven cyberattacks in 2025 include AI-powered phishing and social engineering, sophisticated malware that can adapt in real-time, and the use of deepfakes for impersonation. Other major threats involve AI being used for large-scale disinformation campaigns and the creation of malware that can automatically evade detection. 

Major attacks and incidents reported in 2025 include:

The Arup Deepfake Fraud: In a truly surprising incident reported in August, cybercriminals used AI-generated deepfakes of senior executives in a video call to convince a finance employee at British engineering firm Arup to transfer $25 million. The British multinational design and engineering company behind world-famous buildings such as the Sydney Opera House fell prey to this malicious AI fraud. The employee contacted was fooled by the realistic video and voice clones of actual company leaders, underscoring AI's use in advanced social engineering.

Claude Chatbot Exploitation: A report from Anthropic in August detailed how a hacker manipulated the AI chatbot Claude to automate every stage of a campaign against 17 different organizations. The attacker prompted Claude to perform reconnaissance, generate custom malware, and write personalized ransomware notes, essentially allowed it to fully automate and scale cybercriminal operations Targets included a bank, healthcare providers, and a defense contractor demanding ransoms of up to $500,000.

Salesforce Agentforce Compromise: In 2025, attackers used an indirect prompt injection to compromise Salesforce's Agentforce AI. The attacker would embed malicious instructions within a legitimate customer interaction, such as a "Web-to-Lead" form. This form data, including the hidden payload, would then be stored in the Salesforce database. By submitting ordinary data, they were able to force the autonomous agent to perform unauthorized commands, creating a risk of mass customer data exfiltration. Luckily, Salesforce responded by patching the system and adding security controls before any large data breaches occurred. 

It is critical for the security function of any firm to stay vigilant but also to keep abreast of new innovations across the technology landscape and understand that a dexterous approach is needed in these evolving times.

Comments

Post a Comment

Popular posts from this blog

To SWOT or Not?! Answer = Technical SWOT

Image
No one who has ever worked in a corporate environment, much less been to business school, has ever avoided dealing with the infamous SWOT Analysis. SWOTs are meant to summarize the strategic positioning of a company and explain where they are and what steps they should take to be more effectual. In actuality, they are a very effective high-level tool for examining any company. I incorporated the SWOT technique into my own surveys of companies and created the T-SWOT or Technical SWOT analysis. The idea here is to easily and effectively explain to my VC clients what are the Technology-based positioning a company has. Each SWOT axis can be converted to technology standards and examines the tech functions of a company in a granular fashion. SWOT in an IT Context: Strengths - technical strengths in platform, infrastructure and management Weaknesses - who a firms software design and platform may weaken them and what they should do Opportunities - in the te...
Read more
Image
Technology Risk Management Primer for Portfolio Companies ( Part 1) Private equity and venture capital firms often face the threat of risk within  their portfolio companies, but are not always certain of their portfolio firm’s  competency in this area. Risk Management within Information Technology is  especially critical as it affects all operations as well as the eventual valuation  of the portfolio investment. CSC, Inc. specializes in helping investment firms  make the best technology decisions for their portfolio company’s technology  needs. This article serves as a primer for PE & VC firms who must ensure that their  investments are secure and may need to proactively engage the IT  management of their portfolio company. This primer can act as a template  for those IT managers that are tasked with developing an IT risk  management plan and who need guidelines for the process. It will also  provide examples of how t...
Read more

M&A Deals: A Bullseye for Cyberattacks

  M&A transactions are a prime target for cybercriminals. While executives might think of cyber threats as planned attacks, hackers become active as soon as a deal is announced, probing for weaknesses. The period from announcement to integration creates heightened risk due to: Increased network activity: Employees from both companies ramp up activity, potentially exposing vulnerabilities. Sophisticated attacks: Hackers use advanced techniques like deepfakes to steal confidential information like intellectual property. Ransomware and extortion: Criminals may lock down systems with ransomware or exploit resources for illegal activities. Undocumented backdoors: Unpatched systems, legacy devices, or forgotten web portals can provide easy access points. Supply chain vulnerabilities: Tens of thousands of system interfaces create opportunities for attackers. Cybersecurity Due Diligence is Crucial For a successful M&A, both buyer and seller need thorough cybersecurity ...
Read more