Washington: Foreign adversaries, including Russia, China, Iran, and North Korea, are increasingly leveraging artificial intelligence to carry out cyberattacks and spread disinformation targeting the United States, according to a new report from Microsoft. The tech giant revealed that in July alone, more than 200 AI-driven incidents were detected, more than double the number reported in July 2024 and over ten times the total seen in 2023.
Published Thursday in Microsoft’s annual digital threats report, the findings highlight a sharp escalation in AI-enabled operations designed to deceive, disrupt, and steal sensitive information. These tactics range from automated phishing emails and the creation of deepfake content to digital impersonations of senior officials.
“AI is no longer just a tool for innovation; it is increasingly weaponized,” said Amy Hogan-Burney, Microsoft’s vice president for customer security and trust. “Foreign adversaries, criminal gangs, and hacking firms are exploiting AI to penetrate sensitive systems, spread disinformation, and enhance cyberattacks in ways previously unimaginable.”
Government-backed cyber operations often focus on espionage, supply chain disruption, and undermining critical infrastructure, while criminal organizations primarily seek financial gain through ransomware, theft, or extortion. Some cybercrime groups have reportedly formed partnerships with nations like Russia, blurring the lines between state-sponsored operations and profit-driven criminal activity.
AI, experts warn, makes these attacks more efficient and convincing. Poorly worded phishing messages can be polished into credible communications, while digital avatars of government leaders can be deployed to manipulate individuals or organizations.
“The U.S. remains the top target globally for cyberattacks,” Hogan-Burney said. “Companies, governments, and organizations are expanding digital networks, often relying on outdated defenses. It’s a pivotal moment investing in cybersecurity basics is no longer optional.”
Israel and Ukraine follow the United States as the most targeted nations, reflecting how ongoing military conflicts have spilled into the cyber domain.
Russia, China, and Iran have denied conducting cyber espionage or disruption against the United States. China has accused Washington of attempting to “smear” Beijing, while Iran’s mission to the United Nations stated it does not initiate offensive cyber operations but reserves the right to respond proportionately if targeted. North Korea, meanwhile, has developed AI-driven schemes to create fake American identities to access corporate networks, siphoning salaries and exfiltrating data.
Nicole Jiang, CEO of San Francisco-based cybersecurity firm Fable, described the growing threat as “a digital cat-and-mouse game.” AI, she said, is a double-edged sword: “It can be used by attackers to deceive, but it is also a critical tool for defense.”
The Microsoft report signals an urgent need for U.S. organizations to modernize defenses, implement AI-aware cybersecurity measures, and remain vigilant against increasingly sophisticated digital threats.
As AI continues to evolve, experts warn that the intersection of advanced technology and cybercrime will define the next era of global conflict, with high-stakes implications for governments, businesses, and ordinary citizens alike.