Warnings have emerged that hackers will broaden AI-powered cyberattacks subsequent yr, together with utilizing synthetic intelligence (AI) to duplicate executives’ voices and movies. Moreover, so-called “shadow brokers” — AI instruments put in with out firm data — are anticipated to emerge as new cyber threats.
Google Risk Intelligence Group (GTIG) launched its 2026 Cybersecurity Outlook Report on Nov. 5, predicting that AI utilization in cyberattacks will set up itself as a brand new customary. GTIG warned that “in 2026, attackers will transfer past easy text-based phishing to actively make the most of multimodal generative AI together with voice, textual content, and video deepfakes,” including that “there’s a excessive risk of conducting convincing assaults by impersonating executives or companion corporations.” Google noticed that it will improve hackers’ voice phishing success charges and heighten the chance of large-scale enterprise e-mail compromise (BEC) assaults.
The danger of shadow brokers inside corporations can also be anticipated to emerge as a brand new safety menace. Shadow brokers consult with AI instruments not authorised by organizations. GTIG identified that “when workers deploy autonomous AI brokers or instruments with out approval, the chance of delicate knowledge leaking by way of uncontrolled channels will increase.”
GTIG predicted that the financial harm from cybercrime will proceed. Notably, assaults utilizing ransomware and knowledge theft are anticipated to stay the cyber crime varieties inflicting the best financial harm globally subsequent yr. GTIG particularly urged warning, noting the excessive risk of focusing on hypervisors — infrastructure that manages virtualization inside servers. Google identified this as “a deadly safety blind spot the place management over complete digital property may be seized with only a single breach.”
Actions by state-sponsored hacking organizations are additionally anticipated to change into extra energetic. Russia is predicted to bear strategic adjustments, pursuing long-term international strategic aims past short-term tactical assist for the Ukraine battle. The size of cyber operations linked to China is predicted to proceed exceeding the degrees of different nations.
North Korea’s cyber menace organizations are anticipated to broaden high-efficiency, high-profit operations focusing on cryptocurrency organizations and customers for income era. GTIG analyzed that “North Korean IT personnel will broaden their international exercise scope, notably specializing in Europe, to take care of earnings sources.”
Cyber crimes using vehicle-mounted pretend base stations (FBS) are additionally anticipated to proceed. This technique entails cellular base stations impersonating respectable mobile networks to lure close by gadgets to attach, then sending phishing textual content messages. It’s identified that primarily China-linked cyber criminals rent lower-level carriers by way of Telegram to conduct assaults.
South Korea and Japan are anticipated to considerably strengthen provide chain cybersecurity. South Korea is comprehensively reorganizing cyber protection postures in key sectors reminiscent of telecommunications following large-scale breach incidents. Japan plans to introduce a cybersecurity countermeasure analysis system by fiscal yr 2026 to confirm the safety standing of corporations in manufacturing sectors together with semiconductor manufacturing.
