AI Is Supercharging Cybercrime, and U.S. Companies Could Feel the Shock Within Months

Cybersecurity teams are bracing for a fast, ugly shift: AI-boosted attacks that scale in months, not years. The playbook isn’t brand-new, but the speed, volume, and precision are.

Generative AI is helping criminals crank out convincing phishing lures, automate target research, and even probe corporate systems through the same AI assistants companies are rolling out to boost productivity. Intelligence and incident-response teams warn the result will be more attacks, aimed more directly at specific employees, and harder to trace back to a culprit.

The bottom line for businesses: there’s no magic AI tool that “solves” this. The winners will be the organizations with tight access controls, disciplined operations, and the ability to spot and stop intrusions quickly.

Intelligence agencies see an AI-driven jump in cyberattacks, soon

What’s setting off alarms is the collision of three trends: a surge in attack attempts, the personalization generative AI makes cheap and easy, and a growing number of new entry points inside companies, especially AI assistants and autonomous “agents” connected to internal data.

Defenders are using AI too, but the balance still comes down to fundamentals: who can access what, how well systems are monitored, and whether security teams can detect suspicious behavior before it turns into stolen data or a fraudulent wire transfer.

France’s top cyber agency says generative AI is already part of the threat

French government and industry reports have moved generative AI from “future risk” to “current reality.” CERT-FR, the French government’s national computer emergency response team, has published guidance focused specifically on generative AI in cyberattacks, building on its broader 2025 threat outlook.

The big change isn’t just sophistication, it’s productivity. Phishing campaigns that once took hours of writing, translating, and testing can now be assembled in minutes, with tailored versions for different job roles, countries, and seniority levels.

That scale makes defense more expensive and exhausting. Security teams have to filter more noise while still catching the faint signals that indicate a real compromise.

Investigators also stress a hard truth: attacks don’t have to be perfect to work. One overly exposed inbox, one weakly protected account, or one less-secure vendor can be enough. AI can assist at multiple steps, picking targets, drafting messages, sending follow-ups, and sorting replies to find the most promising victims.

And despite the hype, AI isn’t “replacing” human attackers. It’s amplifying them. The fear is that in the coming months, already-stretched targets, small and midsize businesses, local governments, and contractors, will face a wave of credible scams that trigger payments, data leaks, or operational shutdowns.

AI-written phishing has surged since ChatGPT went mainstream

One stat circulating in security briefings is hard to ignore: a report cited by accounting and risk professionals found phishing emails jumped1,265%betweenQ4 2022andQ3 2023, a period that lines up with the mass adoption of chatbots and AI writing tools.

In practical terms, AI helps criminals write like a coworker, mimic a manager’s tone, and weave in details scraped from public sources, org charts, press releases, job postings, and LinkedIn-style professional updates.

For finance teams, the classic trap remains business email compromise: a message pushing an “urgent” payment, a last-minute bank-account change, or an end-of-month scramble. The email is short, plausible, and timed perfectly, because the attacker can automate the monitoring.

Deepfakes raise the stakes. A fabricated video of a CEO “admitting” fraud, a fake internal memo about earnings, or an audio clip that convincingly imitates an executive’s voice can spark panic, reputational damage, or rushed decisions. The danger is speed: the content doesn’t have to be flawless, it has to hit before the truth catches up.

And the attack surface is widening beyond email: texts, messaging apps, phone calls, and social platforms. Security officials worry about blended campaigns, an email, followed by a voicemail, followed by a nudge in an internal chat tool. The fix isn’t vague warnings to “be careful.” It’s process: dual approval for payments, out-of-band verification, and strong authentication so critical accounts aren’t protected by a password alone.

A Copilot-style AI assistant can become a quiet data-leak channel

A case that grabbed attention involves a vulnerability dubbedEchoLeaktied toM365 Copilot, demonstrated by researchers inJune 2025. The takeaway wasn’t about a flashy hack, it was about how an enterprise AI assistant could potentially be manipulated into exposing data without users realizing it.

In scenarios like this, attackers exploit how people interact with the assistant, attempting to coax it into revealing information it shouldn’t. In a corporate environment, that could include HR documents, contracts, internal emails, or commercial strategy.

The key issue is governance, not gimmicks: which data the assistant can access, how permissions are structured, what logs are retained, and what triggers an alert.

Security teams warn about a familiar trap: companies deploy fast because the business wants results, then try to secure later. But AI assistants are designed to retrieve and summarize information. If document sharing is sloppy and access rights are too broad, the assistant can magnify existing weaknesses, like plugging a high-powered search engine into a messy, overexposed file cabinet.

These tools aren’t doomed. But they need to be treated like sensitive applications, with network segmentation, least-privilege access, regular permission reviews, and ongoing testing. The bigger fear is a wave of “silent” incidents, slow data leakage that’s hard to detect, then later fuels extortion, corporate espionage, or targeted attacks on executives and vendors.

AI agent marketplaces could become the next supply-chain nightmare

Another warning sign: supply-chain attacks aimed at AI agents and their plug-ins. InFebruary 2026, researchers described a campaign dubbedClawHavocon an AI agent marketplace calledOpenClaw, where1,184malicious “skills” were introduced, about20%of the registry, according to published findings.

The risk is easy to understand. A company installs a plug-in because it promises to automate a task, and unknowingly imports malicious code. In the reported case, the campaign exposed135,000instances to remote code execution through a vulnerability tracked asCVE-2026-25253.

This isn’t a scam email. It’s a technical foothold that can enable system takeover, lateral movement across networks, and data theft.

Intelligence teams worry about the hype cycle: businesses want agents, marketplaces, and connectors because the pitch is irresistible, save time, reduce repetitive work, fill skills gaps. But if vendor vetting is weak, permissions are overly broad, and updates aren’t controlled, the attack surface balloons. In supply-chain attacks, one compromised component can spread across dozens of organizations.

Security basics, code review, signed packages, permission limits, aren’t glamorous. They’re also what prevents the kind of incident that turns into lawsuits, contract disputes, and major business disruption.

Defenders are using AI too, but discipline still decides who wins

AI isn’t only helping criminals. Cybersecurity vendors are pushing real-time detection and faster response, tools that correlate signals, flag abnormal behavior, isolate machines, and cut off access before data is stolen or systems are encrypted.

The pressure is intense. A widely cited University of Maryland analysis has estimated a cyberattack occurs every39 seconds, roughly2,244per day. Separately, Check Point reported a30%global increase in cyberattacks inQ2 2024. The metrics measure different things, but they point to the same reality: security teams are operating in a saturated environment where fatigue becomes a vulnerability.

Many organizations are trying to offset a shortage of skilled staff by automating triage, reducing false positives, prioritizing alerts, and spotting account takeovers or adaptive malware behavior. But officials keep repeating the same warning: tools don’t replace governance. Without segmentation, tested backups, clear procedures, and tight access controls, defensive automation can simply hide blind spots.

The challenge over the next few months is moving fast without losing control. That means multi-factor authentication on critical access, usable logging, regular permission reviews, targeted training on payment-fraud scenarios, and crisis drills. AI can help defend, but it won’t replace rigor when attackers are aiming at people, payments, reputations, and data leaks you don’t notice until it’s too late.