AI's Expanding Role in Cybercrime: A Double-Edged Sword AI is now involved in every stage of cyberattacks, from target identification to data theft, according to Check Point research. Criminal groups are using AI as the primary operator in breaches, often detected only through attacker mistakes or AI provider monitoring. The shift raises urgent questions about whether traditional security teams can keep pace with AI-driven cybercrime. AI's Expanding Role in Cybercrime: A Double-Edged Sword AI is now a key player in cyberattacks, accelerating the pace and scale of criminal activities. This raises questions about cybersecurity readiness. Two years ago, hackers started tapping into AI for tasks like translating technical material and troubleshooting malicious code. Fast forward to today, AI's presence in cyberattacks has grown significantly. It's not just a tool, it's a partner in crime. AI's Growing Footprint Recent research from Check Point highlights a striking trend: AI is now involved in every stage of a cyberattack. From identifying targets to exploiting vulnerabilities and stealing data, AI facilitates these operations with unprecedented speed. What was once a human-led effort is now increasingly automated, with AI systems executing thousands of commands. The trend is clearer when you see it. AI's role is no longer limited to isolated tasks. It's embedded in the entire process. Criminal groups, as reported by Check Point, have been breaching government agencies using AI as the main operator. Often, the attackers' own mistakes or monitoring by AI providers reveal the AI's role rather than the victim's security measures. Why It Matters This isn't about AI reaching full autonomy in hacking yet. It's about AI becoming a consistent aid throughout cyber intrusions. The shift underscores how rapidly the cyber landscape is adopting AI. Can traditional security teams keep up with AI's pace in cybercrime? Major commercial AI models are preferred by hackers, although they sometimes resort to Chinese models like DeepSeek /compare/llama-4-vs-deepseek-r1 or Qwen when Western ones prove too secure. These models have fewer guardrails /glossary/guardrails , making them easier to exploit for malicious purposes. The Global Implications Chinese AI models are gaining traction in coding tasks, and Beijing is considering restricting overseas access. This highlights their growing national security importance and appeal to cybercriminals. Given the geopolitical tensions, it’s no surprise that exploitation attempts on U.S. targets are increasing, driven by AI-enabled speed. The Cybersecurity and Infrastructure Security Agency CISA has revised its guidance to address this new threat landscape. They recommend patching security flaws within hours, a near-impossible task given the current pace of cyberattacks. A vulnerability now transforms into an active exploit almost instantaneously. AI's operational efficiency outpaces human-led security responses. With OpenAI /glossary/openai 's recent release of GPT /glossary/gpt -5.6, touted as their strongest cybersecurity model, the capabilities of AI in cybercrime are only set to grow. The Trump administration has called for a classified process to benchmark /glossary/benchmark these models' capabilities by August 1. But here's the real question: Are we prepared for AI's widespread role in cybercrime, or are we underestimating its impact? Get AI news in your inbox Daily digest of what matters in AI.