cyber resilience framework
Threatonomics

How AI shaped the cyber threat landscape in 2024

by Emma McGowan , Senior Writer
Published

Artificial Intelligence (AI) has become a cornerstone of modern innovation, driving unprecedented advancements across industries. From streamlining customer service with digital assistants to bolstering cybersecurity with intelligent tools, the global AI market is on a trajectory to surpass $826 billion by 2030. Yet, as this transformative technology integrates deeper into our lives, it brings with it a shadow: AI cyber threats.

In 2024, AI’s dual nature was on full display, reshaping industries while also enabling more sophisticated cyber threats. Here’s a closer look at how AI evolved this year, the challenges it posed, and the countermeasures emerging to defend against its darker applications.

Widespread adoption of AI

By mid-2024, AI saw widespread adoption across sectors, particularly in customer service, cybersecurity, and digital personal assistants. Innovations such as multimodal AI allowed machines to process data from diverse sources, unlocking new capabilities for handling complex tasks. This adoption wasn’t just about novelty; it was a calculated investment. Surveys revealed that many businesses allocated at least 5% of their budgets to AI initiatives.

But with great innovation comes great risk. AI’s integration into everyday technologies, from IoT devices to autonomous systems, has also expanded the attack surface for cybercriminals.

AI cyber threats

As AI matured, so too did the sophistication of cyberattacks leveraging its capabilities. Threat actors exploited generative AI for activities like:

  • Deepfake fraud: AI-powered impersonation tools enabled criminals to bypass traditional security protocols, manipulate organizations, and conduct fraud on an unprecedented scale.
  • Social engineering: Generative AI tools produced convincing phishing campaigns and AI-generated credentials, as seen in a North Korean hacker’s infiltration of a U.S. cybersecurity firm.
  • Disinformation campaigns: State-backed actors weaponized AI to influence political discourse and elections. Deepfake videos and AI-generated content became powerful tools for manipulating public opinion, particularly during the 2024 U.S. elections.

The RansomHub ransomware group and other malicious actors used AI to breach sensitive platforms, demonstrating that even advanced AI-enabled technologies were not immune to attack. Meanwhile, criminal forums buzzed with over 4 million discussions about using AI for illicit activities, from bypassing KYC protocols to orchestrating large-scale fraud.

AI fighting back

Despite the growing threats, AI also emerged as a formidable ally in cybersecurity:

  • Real-time threat detection: Google’s AI-powered Safe Browsing feature added robust protections against malicious files.
  • Innovative countermeasures: Tools like “Mantis” were developed to turn the tables on AI-driven attacks, redirecting automated threats away from networks.
  • AI vs. AI: Security professionals increasingly deployed AI to preemptively identify vulnerabilities, detect suspicious behavior, and neutralize risks before they escalated.

The arms race between attackers and defenders is intensifying, with AI at the center of both offensive and defensive strategies.

What we can expect in 2025 and beyond

As AI technologies continue to evolve, their potential for innovation remains vast. Advancements in machine learning and autonomous systems promise to reduce errors and expand AI applications. However, the rise in AI-enabled threats will necessitate equally advanced defenses.

Organizations must strike a balance—embracing AI’s benefits while preparing for its risks. In this ongoing battle, one thing is clear: AI will not only shape the future of industries but also redefine the frontlines of cybersecurity.

At Resilience, we’re committed to empowering businesses to navigate this evolving landscape. Whether it’s through advanced risk modeling or comprehensive cyber insurance, we’re here to help you stay secure in an AI-driven world.

About the Author
Emma McGowan , Senior Writer

Emma McGowan is the Senior Writer for industry-leading cyber risk company Resilience. She has been a full-time writer and editor for over 10 years, focused on technology and women’s health. Tech-fluent and highly motivated, Emma brings holistic experience leading brands in the delivery of high-quality, high-impact, multimedia digital content supported by strategy, planning, and performance analysis.

You might also like

Why your CFO expects your CISO to measure risk buydown

The CISO walks into the CFO’s office with a carefully prepared pitch. “We need a $500,000 EDR solution,” she says, presenting vendor comparisons and threat intelligence reports. The CFO nods politely and asks one question: “What’s the return on that investment?” The meeting goes sideways from there. The CISO talks about improved threat detection and […]

OpenClaw went viral. So did its security vulnerabilities.

Personal AI agents promise to streamline workflows and automate routine tasks, but a series of recent security incidents has exposed a critical vulnerability in how these tools acquire new capabilities. The findings reveal that threat actors are exploiting the same supply chain tactics that have compromised traditional software ecosystems, while platform security failures are exposing […]

Killing legacy systems might be your smartest financial move 

Every CISO has that one system. Maybe it’s running on Windows Server 2008. Maybe it’s the manufacturing control system that predates your current CEO. Maybe it’s the ancient database that three different business-critical applications depend on, maintained by one person who’s been threatening to retire for five years. You know these systems are problems. Your […]

What your CFO actually cares about (and how to speak their language)

You walk into your CFO’s office with a carefully prepared business case for a critical security investment. The risk assessment is complete, the vulnerabilities are documented, and you’re ready to make your argument. But the moment you mention “attack surface” or “zero-day vulnerabilities,” you can see their attention drift. The issue isn’t that your CFO […]

Risk Briefing: Cyber extortion has fundamentally changed

On January 14, 2026, Resilience launched its inaugural Risk Briefing Series with a clear message for CISOs: the cyber extortion playbook has been rewritten, and organizations relying on traditional defenses are dangerously exposed. In the first session of this monthly intelligence series, Jud Dressler, Director of Resilience’s Risk Operations Center and retired U.S. Air Force […]

The 65% shift that proves ransomware as we know it is dead

The cybersecurity industry has a terminology problem. We’re still calling it “ransomware” when the majority of attacks no longer encrypt and request a ransom for decryption as their primary weapon. Resilience’s analysis of cyber extortion claims in our portfolio throughout 2025 reveals a dramatic acceleration in attack methods. Data theft extortion-only events rose from 49% […]