Is AI in cybersecurity the opposition - or an opportunity?
AI is making cyber attacks faster, smarter and harder to detect. Here’s how organisations can use AI to strengthen their defences and keep pace with evolving threats.
It feels like an unstoppable onslaught: Criminals using AI to hone and accelerate their cyberattacks at scale and speed. And it’s driving an astonishing rate of growth in the cybercrime industry.
According to CrowdStrike’s 2026 Global Threat Report, “AI-enabled adversaries increased operations by 89% year-over-year, weaponising AI across reconnaissance, credential theft, and evasion.”
As for speed, says CrowdStrike, “the average eCrime breakout time fell to just 29 minutes in 2025, with the fastest observed breakout occurring in only 27 seconds.” And ironically, CrowdStrike reports that AI tools and development platforms are amongst the key targets.
Fortunately, AI is the proverbial double-edged sword in this new battlefield.
Before we talk AI-enabled defence, though, let’s take a look at how AI is currently being (mis)used to attack Australian businesses and organisations.
1) AI-generated social engineering and spear phishing – more convincing and scalable than ever before
The Australian Cyber Security Centre (ACSC) says recent advances in AI have “amplified the effectiveness of social engineering techniques.” Malicious actors are using AI-enhanced trust, urgency and empathy to trick your staff into opening attachments, visiting unauthorised sites, revealing their credentials, disclosing sensitive company or client information, or even transferring funds.
The business roles targeted? Senior managers, IT service desks, HR, sales, marketing, finance and legal. And attackers aren’t shy about using a shotgun approach; they’ll contact as many of your staff as possible, hoping at least one attempt succeeds.
2) AI-enhanced voice phishing (“vishing”) – impersonating your executives
ACSC explicitly calls out social engineering attempts delivered via voice phishing (vishing) and notes that AI has increased their effectiveness.
These often highly convincing communications may appear to come from a colleague, senior manager or business or departmental leader, which directly relates to executive impersonation and internal fraud scenarios, as well as enabling bad actors to gain access to your networks and data.
3) AI-generated synthetic media and deepfakes - delivering misinformation
ACSC’s multimedia integrity guidance says malicious actors can use manipulated or fully synthetic media in cyber, criminal and other malicious activity against organisations to impersonate and misinform. (If you haven’t come across the term before, synthetic media is digital content that’s been created or altered by AI – including text, images, audio and video.)
AI is making it much easier, faster, and more scalable to impersonate people and organisations – in effect, creating and running deepfake media as a mass-production operation.
ACSC also warns that the accessibility, speed, and quality of AI-powered media manipulation have already reached levels that traditional verification methods may struggle to identify.
4) AI-assisted acceleration of vulnerability discovery and exploitation
In good news for cybercriminals (but sadly not for reputable businesses), ACSC says AI is changing the economics of cyberattacks by lowering the cost, effort, and expertise required to discover and exploit vulnerabilities.
As frontier AI models improve at reading and reasoning about code, vulnerabilities that once required rare expertise and significant time to find are becoming easier to identify and exploit. ACSC says independent testing found that one frontier model could autonomously chain tasks into an end-to-end intrusion and, on some runs, complete a 32-step simulated corporate network attack.
5) AI delivery of cyber threats at greater scale and speed
ACSC’s 2026 guidance for defenders states plainly that “malicious actors are using [AI] to deliver cyber threats at greater scale and speed.” It warns Australian organisations that if they don’t re-evaluate and improve their defences, they’ll remain vulnerable to AI-enabled cyber threats.
In short, AI isn’t just improving attack quality - it is helping threat actors scale delivery.
6) AI-assisted copycat scam and phishing websites - impersonating legitimate firms
The Australian Securities and Investments Commission (ASIC) says scammersare using “slick templates, fake corporate documents and chatbot plugins to launch convincing copy-cat scam websites quickly”. By creating fake news pages with AI-generated celebrity and prominent Australian fakes, scammers collect contact information and pitch their scams.
Over the past two years, ASIC’s takedown program has helped remove more than 14,000 investment scam and phishing websites. It continues to remove around 130 malicious sites a week. While these campaigns often target consumers, they also impersonate real Australian businesses, brands, and licensed firms, showing how AI is helping criminals launch fraudulent web infrastructure more quickly.
In reporting on ASIC’s anti-scam work, ABCquoted ASIC Commissioner Alan Kirkland saying AI has begun playing two key roles in scams, including that “AI makes it much easier to create a new website.”
Sadly, AI-enhanced attacks aren’t hallucinations
We know that nothing drives home the point like an actual example. So, here goes:
In late 2024, Noosa Council fell victim to a sophisticated and well-organised cyber fraud. ABCreported that after a “sophisticated” fraud in which perpetrators used artificial intelligence to “imitate personalities,” Noosa Council initially lost $2.3 million, but eventually recovered about $400,000 of that amount.
Noosa Council later confirmed a total loss of $1.9 million. And CEO Larry Sengstock, said: “The criminals used sophisticated social engineering AI techniques but we won’t disclose specific details of how the fraud occurred to protect staff and from also highlighting the criminals’ actions…Police say that these types of incidents are on the rise and should act as a warning for organisations to continually review their procedures.”
Fortunately, a forensic investigation confirmed that there was no breach of Council’s system, no personal data was taken, and no Council service was impacted.
Centrelink and Medicare were also impacted by a large-scale AI-enabled impersonation/phishing campaign (to note: this was impersonation rather than confirmed internal breaches). Yahoo Finance reported the fake emails used in the campaign leveraged information about Medicare, superannuation, JobSeeker payments and Family Tax Benefits, and said attackers were using AI to make the emails increasingly difficult to spot.
Using AI to fight the good fight
Thankfully, AI also presents a major opportunity for cybersecurity partners to improve their services - and shore up your defences. Despite AI-powered cyberattacks reaching new levels of sophistication, if you are well-prepared, there’s no need to run scared.
How, exactly?
Leveraging the AI opportunity
AI is equally a weapon for good - enabling proactive threat detection, accelerating incident response, and enhancing overall defence strategies against a growing threat landscape.
By analysing vast datasets to identify patterns, AI can predict and prevent attacks, automate routine tasks like threat triage, and even generate simulated attacks to test network vulnerabilities.
AI-native platforms such as CrowdStrike Falcon illustrate how AI is applied in practice across the security stack, including:
AI and machine learning-driven endpoint protection - detecting threats based on behaviour rather than signatures.
Vulnerability management - identifying and prioritising weaknesses before they can be exploited.
Automated threat intelligence - turning historical and real-time global attack data into actionable insights
Managed threat hunting - proactively searching for hidden or emerging threats.
Meet AI cyber threats head-on
It’s clear that to achieve a level playing field, we need to respond in kind to AI-enabled cybercrime.
But it takes more than tools to outsmart today’s cybercriminals.
Yes, a modern defence strategy starts with investing in AI-powered security tools or managed services that can help you detect and respond to threats in real time. The new reality is that AI can analyse large volumes of data, identify anomalies, and automatically prioritise and contain risks - often faster than human teams can react.
But sticking to strong best-practice fundamentals also still matters. For example, it’s critical to regularly assess your email security and authentication protocols, as AI-driven phishing and social engineering are now among the most common attack vectors. It’s only through continuous validation that you can ensure your controls keep pace with the evolving tactics of the cybercrime fraternity.
Just as important is working with a specialist cybersecurity partner who can extend your in-house capability. Providers like Baidam (CrowdStrike’s Growth Partner of the Year for Australia and New Zealand in 2025) combine experienced analysts with advanced platforms to deliver continuous monitoring, real-time threat intelligence, and rapid response when it matters most.
Given that attackers are already using AI to move faster, the most effective strategy to keep up is simple: level the playing field with AI-enhanced tools, strong partnerships, regular validation, and expert oversight.
In partnership with CrowdStrike.