The report describes how generative models and intelligent agent systems are changing the economy of online crime, from infiltration campaigns that adapt in real time, through polymorphic malware that continuously rewrites itself, and social engineering based on particularly convincing deep fakes, to flooding organizations with flawed synthetic code, “poisoned” AI models, and suspicious modules that are inserted into the development and supply chain, so that the line between innovation and exploitation is blurring.
Ransomware is also changing shape and moving to a data-driven operation – an AI-driven ecosystem that quickly identifies victims, maps weaknesses, steals information and negotiates through automated “blackmail bots”, with less emphasis on encryption and more on the threat of exposure. The result is campaigns that are faster, more durable and harder to detect.
Faced with this reality, Trend Micro calls on organizations to move from reactive protection to proactive resistance, to embed security in every layer of AI adoption and cloud operation and in every link of the supply chain, to combine smart automation with human control and to see security as a strategic infrastructure and not just a layer of protection.