Threat actors are increasingly leveraging AI to supercharge their operations—moving faster, scaling attacks, and outpacing traditional security defenses. A recent report from CrowdStrike highlights a sharp rise in attack velocity, setting new records that challenge even the most prepared security teams.
In 2025, the average e-crime breakout time dropped to just 29 minutes—a 65% increase in speed compared to the previous year. Even more alarming, the fastest recorded breakout occurred in just 27 seconds, down from 51 seconds the year before. Breakout time refers to how quickly an attacker moves from initial access to spreading across systems—and in some cases, data exfiltration now happens within minutes.
Security experts warn that this acceleration leaves defenders with almost no margin for error. Adam Meyers, head of counter adversary operations at CrowdStrike, compared the challenge to stopping an intruder before they gain full access to a building. Once inside, tracking their movement becomes exponentially harder.
Beyond speed, threat groups are also exploiting legitimate AI tools. Around 90 organizations were affected by attacks involving malicious prompts designed to steal credentials or siphon cryptocurrency.
The report also notes a nearly 90% surge in AI usage among both nation-state and cybercriminal groups. For instance, Fancy Bear deployed AI-driven malware to automate reconnaissance and document harvesting. Meanwhile, the cybercriminal group Punk Spider used AI-generated scripts to erase forensic traces and accelerate credential theft. Another group, Famous Chollima, leveraged AI-generated personas to conduct insider-style attacks.
These findings reinforce broader concerns about AI amplifying cyber threats. In late 2024, Anthropic reported that a China-linked group misused its AI coding tools in a global espionage campaign targeting dozens of organizations.
Source: cybersecuritydrive Edited by Bernie
