Microsoft reported that attackers are using artificial intelligence at every stage of a cyberattack

Microsoft warns of the rise in cybercriminal use of artificial intelligence

*Key findings from Microsoft's Threat Intelligence report*

AI helps attackers: Reconnaissance and phishing, targeted email generation, content translation, identity spoofing, creation of malicious PON, code writing, optimization, debugging, dynamic script generation, infrastructure preparation, automatic creation of corporate sites and networks, testing and bug fixing

1. Why AI is becoming a hacker’s weapon
Microsoft notes that cybercriminals are increasingly using generative models to perform various tasks: from crafting phishing emails to developing and debugging malware.

> “AI acts as an enabler. It lowers technical barriers, speeds up operations, but the operator retains control over targets and target selection,” the report says.

2. Examples of groups
Group | How they use AI
---|---
Jasper Sleet (Storm‑0287) | Creating fake digital identities: generating names, email addresses, resumes; analyzing job postings to tailor personas for specific roles.
Coral Sleet (Storm‑1877) | Rapidly building counterfeit corporate sites, deploying malicious infrastructure, testing and fixing bugs in real time.

Both groups use AI to forge employee profiles of Western companies to hire “remote” IT specialists.

3. How AI facilitates malware development
* Code generation and optimization via language models.
* Porting components between programming languages.
* Dynamic script generation and behavior modification at runtime.
* Bypassing defenses through specially crafted requests.

4. What organizations should do
1. Treat AI schemes as insider threats – many attacks rely on abusing legitimate system access.
2. Monitor anomalous credential usage – the first indicator of potential compromise.
3. Strengthen phishing‑resistant identification – implement multi‑factor authentication and staff training.
4. Secure the AI systems themselves – protect models that could become targets in future attacks.

Conclusion
AI is becoming a powerful tool for cybercriminals: it accelerates attack preparation, lowers technical barriers, and increases the scalability of malicious activity. Microsoft urges organizations to bolster defenses at all levels—from credentials to their own AI solutions.