The New Rules of Engagement - How AI Changed Cyber Conflict
We are currently witnessing a fundamental shift in the nature of cyber conflict, largely driven by artificial intelligence. What was once the preserve of states and specialized teams has become much faster, cheaper, and more accessible. Attacks that once required months of careful planning can now be carried out in days or even hours.
But speed is not the only factor. The line between technical failure and psychological warfare is blurring, as modern attacks often occur in conjunction with coordinated information operations designed to damage our heads as well as our servers.
The Democratization of Hacking
The barrier to entry for cybercrime has never been lower. Thanks to artificial intelligence, sophisticated capabilities are now widely available on commercial platforms and underground markets. Automated tools can scan networks for vulnerabilities, create hyper-targeted phishing campaigns, and adapt their methods in near real-time.
This has led to a massive expansion of the threat landscape. As the gap between vulnerability discovery and exploitation rapidly narrows, defenders are stuck in a perpetual race against time.
Listen to Ash Jackson discuss the role of AI in these attacks here:
It’s Not Just a Hack. It’s a Story
Today’s cyberattacks rarely stop at the network perimeter; they are increasingly designed to launch broader information operations. When a security breach or data leak occurs, it is often followed by a wave of coordinated narratives that amplify on social media and instant messaging.
The goal is specific: to undermine trust in institutions, exaggerate the damage, and fuel social polarization. So technical recovery is no longer enough. Organizations must treat media monitoring as a strategic imperative. Decision-makers must track these narratives in real-time to separate organic public reaction from coordinated manipulation before fake stories become accepted facts.
AI on Defense - A Force Multiplier
Fortunately, AI isn't just a weapon for the bad guys. For defenders, it offers an unprecedented ability to process massive amounts of data and prioritize risks. AI-driven systems are crucial for identifying known vulnerabilities—which still cause most breaches—and accelerating patching processes that used to take weeks.
However, while AI acts as a "force multiplier" that allows small teams to manage complex environments, it is not a substitute for human judgment. Over-relying on automation can create dangerous blind spots, especially when critical infrastructure is involved.
Greg Van der Gaast explores the defensive side of AI in this segment:
The Human Element
If there is one recurring lesson from recent incidents, it’s that cybersecurity failures are rarely purely technical—they are organizational. Security often sits in a silo, disconnected from leadership and operations.
True protection requires a global cultural development where security is a shared and mutual responsibility. Strict operational discipline, network segmentation, and constant backups often provide greater resilience than buying the latest trendy tools.
The Stakes for Public Trust
For governments and large institutions, the stakes are high, as protecting systems now means protecting public trust. To combat this, we need clearly enforceable standards and a commitment to modernize outdated systems. We also need to reduce our tolerance for cybercrime; weak enforcement only fuels the threat ecosystem.
The Big Picture
Artificial intelligence has transformed cyber conflict into a multidimensional contest that spans networks, organizations, and information spaces. While it empowers attackers, it also gives defenders new tools to see and understand the battlefield.
Organizations understand that a cyberattack is a complex event, intertwined with public perception, that requires not only better technology but also better management and assessment.
