AI Is Now on Both Sides of the Cybersecurity War — and the Attackers Are Moving Faster

For two years, the cybersecurity industry has promised that AI would tilt the advantage decisively toward defenders. The logic was clean: AI can monitor all network traffic simultaneously, detect anomalies faster than any human analyst, and catch threats that signature-based tools miss entirely. What the pitch understated is that attackers got access to the same technology — and they had fewer constraints on how to use it.
The result is an arms race where both sides are better than they were, but the offensive side is pulling ahead on several key dimensions. Understanding exactly where the asymmetry lies — and what defenders can do about it — is more useful than the broad claim that "AI is changing cybersecurity."
What Attackers Actually Built
The first generation of offensive AI tools — WormGPT, FraudGPT, GhostGPT — appeared on dark web forums starting in 2023. These are fine-tuned or uncensored versions of open-source language models, sold as subscriptions for $50–$200 per month to cybercriminals who lack coding skills. The primary use case is business email compromise (BEC): generating phishing emails indistinguishable from legitimate internal communications, personalized for each target using scraped LinkedIn and public company data.
The impact is measurable. Security firm Hoxhunt's 2024 red-team study found AI-generated spear-phishing emails achieved click rates roughly 60% higher than template-based phishing. FBI IC3 reported $2.9 billion in BEC losses in 2023; that number is expected to grow materially as AI lowers the cost of high-quality social engineering to near zero.
Beyond phishing, AI is accelerating two other attack patterns that were previously bottlenecked by the skill required to execute them:
- Malware polymorphism at scale. AI can generate thousands of syntactically different but functionally identical malware variants from a single sample. Each variant has a different hash, making signature-based antivirus detection useless. What took a skilled malware author days to produce manually now takes seconds.
- Voice and video cloning for fraud. Deepfake audio that clones a CFO's voice has already been used in real attacks: one documented case in 2024 involved a finance employee wiring $25 million after a fake Zoom call that appeared to include multiple real colleagues. The compute cost for real-time voice synthesis has dropped to commodity levels.
Where Defensive AI Actually Helps
The defensive AI story is not fiction. Several capabilities are genuinely mature and providing real protection:
Behavioral anomaly detection is where AI provides its clearest edge. Tools like Darktrace's Enterprise Immune System and CrowdStrike Falcon's behavioral engine learn what "normal" looks like for each user, device, and network segment — then flag deviations without waiting for a known signature. An employee account suddenly accessing payroll systems at 3 AM from an unusual location gets flagged instantly, regardless of whether the attacker used a known piece of malware.
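A minimal sketch of the per-user baselining described above, added here as an illustration and not taken from Darktrace, CrowdStrike or any other product. The event fields, the sample log and the two-deviation alert threshold are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample history: (timestamp, user, source country, resource).
HISTORY = [
    ("2026-01-05T09:12:00", "asmith", "US", "crm"),
    ("2026-01-06T10:40:00", "asmith", "US", "email"),
    ("2026-01-07T14:05:00", "asmith", "US", "wiki"),
    ("2026-01-08T16:30:00", "asmith", "US", "crm"),
]

def build_baseline(events):
    """Learn, per user, the hours, locations and resources seen so far."""
    base = defaultdict(lambda: {"hours": set(), "geo": set(), "res": set()})
    for ts, user, geo, res in events:
        profile = base[user]
        profile["hours"].add(datetime.fromisoformat(ts).hour)
        profile["geo"].add(geo)
        profile["res"].add(res)
    return dict(base)

def deviations(baseline, event, hour_slack=1):
    """List the ways one event departs from that user's learned profile."""
    ts, user, geo, res = event
    if user not in baseline:
        return ["unknown_user"]
    profile = baseline[user]
    hour = datetime.fromisoformat(ts).hour
    # Circular distance, so 23:00 and 00:00 count as neighbours.
    nearest = min(min((hour - h) % 24, (h - hour) % 24) for h in profile["hours"])
    found = []
    if nearest > hour_slack:
        found.append("unusual_hour")
    if geo not in profile["geo"]:
        found.append("new_location")
    if res not in profile["res"]:
        found.append("new_resource")
    return found

def triage(baseline, event, threshold=2):
    """Alert only when several deviations coincide, to limit false positives."""
    found = deviations(baseline, event)
    alert = "unknown_user" in found or len(found) >= threshold
    return ("alert" if alert else "ok"), found

BASELINE = build_baseline(HISTORY)
```

No signature is consulted anywhere: the 3 AM payroll access from a new location alerts on behavior alone, while a single deviation (the same user opening payroll mid-morning from the usual location) stays below the threshold.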
Security operations automation is closing a different gap. The average SOC analyst faces hundreds of alerts per shift, most of them false positives. Microsoft Security Copilot and similar tools can triage, correlate, and investigate alerts automatically — summarizing what happened, which systems are affected, and what remediation steps are recommended. This compresses the time from initial alert to human decision from hours to minutes.
Threat intelligence at scale has improved dramatically. Google's Chronicle AI (built on the Mandiant acquisition) ingests petabytes of security telemetry and surfaces patterns that would take human analysts weeks to identify. CrowdStrike's Counter Adversary Operations team uses AI to attribute campaigns to specific threat actor groups within hours of initial detection.
The Asymmetries That Matter
Despite these genuine defensive gains, three structural asymmetries favor attackers in 2026:
Speed. An attacker needs to find one path through your defenses. A defender needs to close all of them. AI accelerates the attacker's reconnaissance and exploitation phase faster than it accelerates the defender's ability to close every potential vulnerability. Average dwell time — the period between initial compromise and detection — has improved from 204 days in 2022 to around 80 days in 2025, but 80 days is still an enormous window.
Cost asymmetry. Running an AI-assisted phishing campaign at scale costs a few hundred dollars in API fees. Deploying enterprise-grade AI security tooling costs tens of thousands of dollars per year per organization. For small and mid-sized businesses — which make up the majority of breach victims — the cost of defensive AI is prohibitive, while offensive AI tools are accessible to even low-skill threat actors.
Alert fatigue. AI-powered security generates more alerts. Security teams are already overwhelmed — the average SOC reports 1,000+ alerts per day, with false positive rates above 40% for many detection rules. When AI detection systems catch more, the signal-to-noise problem gets worse unless analysts are added or automation is substantially improved. Most organizations are not adding analysts fast enough.
What Security Teams Should Actually Do
The practical response to this landscape is not "add more AI tools." Most organizations are not bottlenecked on the number of security products they run. Here is where focus actually pays off:
Prioritize behavioral detection over signature-based tools. Signature antivirus is dead against polymorphic AI-generated malware. Budget should shift toward endpoint detection and response (EDR) platforms with behavioral engines and toward network detection tools that baseline normal traffic patterns.
Deploy identity-first security. The majority of breaches in 2025–2026 follow the same pattern: credential theft or MFA bypass, then lateral movement. Enforcing phishing-resistant MFA (FIDO2/passkeys rather than SMS or TOTP) on all accounts — not just privileged ones — removes the most common initial access vector. This is not glamorous but it closes more attacks than any AI tool.
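One way to audit the "all accounts, not just privileged ones" requirement, as an added example that is not from the original article or any vendor's tooling. The account export and method labels are constructed, and the sketch assumes every enrolled method is also accepted at sign-in.

```python
# Methods the article treats as phishing-resistant; labels are constructed.
PHISHING_RESISTANT = {"fido2", "passkey"}

# Constructed identity export: (account, privileged?, enrolled sign-in methods).
ACCOUNTS = [
    ("cfo", True, {"fido2"}),
    ("it-admin", True, {"fido2", "sms"}),
    ("jdoe", False, {"totp"}),
    ("svc-backup", False, set()),
    ("mlee", False, {"passkey"}),
]

def classify(methods):
    """Rate an account by the weakest factor it will still accept."""
    if not methods:
        return "no_mfa"
    strong = methods & PHISHING_RESISTANT
    weak = methods - PHISHING_RESISTANT
    if strong and not weak:
        return "phishing_resistant"
    if strong and weak:
        # A FIDO2 key does not help while an SMS or TOTP fallback remains:
        # a phishing page can simply request the weaker factor.
        return "downgradable"
    return "phishable_only"

def audit(accounts, privileged_only=False):
    """Return {account: status} for every account that is still phishable."""
    findings = {}
    for name, privileged, methods in accounts:
        if privileged_only and not privileged:
            continue
        status = classify(methods)
        if status != "phishing_resistant":
            findings[name] = status
    return findings

def coverage(accounts):
    """Fraction of accounts that accept only phishing-resistant factors."""
    ok = sum(1 for _, _, m in accounts if classify(m) == "phishing_resistant")
    return ok / len(accounts)
```

On the sample data, a privileged-only review reports one gap while the full audit reports three, which is the difference the paragraph above is pointing at.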
Build a voice verification protocol for financial transfers. Given the maturity of voice cloning, any financial transfer above a defined threshold should require verification via a pre-established callback to a known number — not through the communication channel in which the request arrived. This is a policy control, not a technology control, and it specifically addresses the CFO deepfake attack vector.
Run AI red-team exercises. Standard penetration testing still simulates the threat landscape of 2020. Engaging firms that specifically test AI-assisted social engineering — including deepfake voice phishing against your finance and executive teams — reveals gaps that conventional pentests miss.
The cybersecurity AI war is not won or lost. It is ongoing, and the organizations that will fare best are those that understand the specific attack patterns AI enables rather than treating "AI in security" as a single monolithic concept. The threat is specific. The defenses need to be too.