Cyber criminals are weaponising artificial intelligence to transform traditional attack methods into automated, relentless campaigns that are overwhelming business defences at an unprecedented scale.
You can forget the lone hacker in a hoodie; today’s threat landscape has changed. It’s bots running 24/7, powered by AI, scanning for any open door to your business systems.
“The bad guys are shifting from stealth to speed,” says Devon Kerr, head of Elastic Security Labs. “They’re launching waves of opportunistic attacks with minimal effort.”
Elastic’s report is based on more than a billion data points collected from real business environments, and the trends aren’t pretty.
The number of generic threats, such as AI-generated malware that’s churned out in bulk, jumped 15.5% in the past year. Meanwhile, malicious code execution on Windows nearly doubled to 32.5%.
Elastic reports that generative AI is behind the spike. Gen AI has made it incredibly easy to create malware, phishing emails and fake logins that look legit. It’s the industrialisation of cyber crime: mass-produced, automated, and scalable.
“AI is lowering the barrier to entry for threat actors. We’re seeing adversaries using large language models to churn out simple but effective malicious loaders and tools,” said Kerr.
The Browser Has Become Ground Zero
Your web browser has emerged as a prime target for modern cyber criminals. The Elastic report reveals that one in eight malware samples now specifically targets browser data, turning saved passwords, autofill information, and browsing history into valuable commodities for attackers.
These browser-based ‘infostealers’ are particularly effective against Chromium-based browsers including Chrome, Edge, Opera and Brave. According to the FBI’s Internet Crime Complaint Center, cyber crime losses exceeded $12.5 billion in 2023, with credential theft emerging as a primary attack vector.
Once stolen, these credentials are either sold on dark web marketplaces or used to infiltrate business systems from within. The report identifies credential theft as the most common sub-technique hackers now employ to gain initial access.
Windows Under Siege
Attacks targeting Windows systems have nearly doubled, overtaking defence evasion tactics for the first time in three years. This dramatic shift represents a fundamental change in attacker strategy.
Hackers are abandoning stealth in favour of brazen, direct attacks. Known malware families like GhostPulse, which accounted for 12% of security events, are being deployed to deliver data-stealing malware including Lumma and Redline.
The Cybersecurity and Infrastructure Security Agency (CISA) has reported a 74% increase in ransomware incidents targeting critical infrastructure in 2024, with Windows systems representing the majority of compromised endpoints.
Cloud Services in the Crosshairs
Businesses relying on cloud platforms like Microsoft 365, Azure, or Google Workspace face mounting threats. More than 60 per cent of cloud security events involved unauthorised access, stolen credentials, or attackers establishing persistent access.
According to IBM’s Cost of a Data Breach Report 2024, cloud-based breaches now cost organisations an average of $4.88 million per incident.
The login process remains the weakest link, with attackers exploiting compromised passwords or poorly secured administrative credentials to wreak havoc across entire systems.
Microsoft reported in its 2024 Digital Defense Report that password-based attacks increased by over 3,000 per cent year-over-year, with more than 7,000 password attacks occurring every second across its systems.
The New Reality: Speed Over Sophistication
Today’s AI-enhanced attackers have abandoned the old playbook of patient, stealthy infiltration. Instead, they’re launching waves of small, opportunistic probes, searching for vulnerabilities at machine speed.
These ‘speed attacks’ prioritise volume over sophistication, making them particularly dangerous for small and medium-sized businesses that lack enterprise-grade security infrastructure or dedicated IT security teams.
The Verizon 2024 Data Breach Investigations Report found that 68 per cent of breaches involved a human element, such as stolen credentials or social engineering, techniques that AI is now automating at scale.
Small Businesses Face Mounting Pressure
For small business owners, the message is clear: traditional security measures are no longer sufficient. The battleground has shifted to browsers, identity systems, and cloud platforms.
According to the Ponemon Institute’s 2024 Cost of Cyber Crime Study, small businesses with fewer than 500 employees experienced an average annual cyber crime cost of $3.31 million, a figure that can prove catastrophic for organisations operating on tight margins.
“Defenders need to adapt their detection strategies for this new era of speed attacks,” Kerr says. “Hardening identity protections is now more urgent than ever.”
Building Better Defences
Security experts recommend four critical measures that businesses of any size can implement:
- Strengthen identity verification. Multi-factor authentication (MFA) should be mandatory across all accounts. The National Institute of Standards and Technology (NIST) reports that MFA can prevent 99.9 per cent of automated attacks. Regular password rotation and periodic access reviews are essential.
- Fortify browser security. Disable automatic password saving in browsers and restrict extensions to verified sources. Password managers offer superior security. Employee education about sophisticated phishing attempts that mimic legitimate login pages is critical.
- Deploy intelligent automation. AI-assisted detection tools can identify suspicious behaviour faster than human analysts, but human oversight remains essential for making final security decisions. Automation provides speed; human judgment provides context.
- Maintain cloud hygiene. Regular audits of cloud permissions, immediate deactivation of inactive accounts, and login alert systems provide visibility into who’s accessing your systems and from where.
The cyber security landscape of 2025 is fundamentally different from previous years.
As artificial intelligence gives criminals the same productivity advantages it offers legitimate businesses, organisations must recognise that they’re not just competing against human attackers, but against machines that never sleep, never tire, and probe defences thousands of times per second.
While no defence is impenetrable, businesses that implement robust identity protections and browser security measures, and that maintain vigilant monitoring of their cloud environments, stand a significantly better chance of avoiding becoming another statistic in next year’s threat report.
