AI and Cybersecurity: How do countries compete?

Artificial Intelligence is seeping into everyone’s lives. At this point, you might think it is on the periphery of your life, unless you work somewhere in IT, but there is almost no space where it can be avoided. I am sure you are inundated with content about AI, where it is highlighted in the news or watching a video on social media that was created using AI. In many ways it has become somewhat of a boogeyman for several economic and political issues, but there is nothing wrong with using a new tool that will bring major benefits to society. Some believe that it is “an indispensable tool” but at the same time it is also “a new vector of risk, expanding the scale, sophistication and speed of potential attacks.” This is where the need for cybersecurity comes into play. Companies that use AI are entering into a world that is much so much faster that the need to stay relevant in competition with other companies. This is also true for national security for nation states.

Using AI for cybersecurity is one way to ensure that cyber threats are defended on the same level as the opponent. Crowdstrike outlines the major components on how it is achieved through implementing the following: 

• Machine learning (ML): To recognize patterns and learn from past incidents

• Natural language processing: To interpret human language, streamlining the analyst experience in task execution and democratizing security decision-making across teams

• Data mining: To extract valuable patterns and insights from large datasets

• Predictive analytics: To forecast potential threats based on historical data

• Behavioral analytics: To monitor and analyze user behavior to detect anomalies

• Automated decision-making: To enable quick responses to identified threats

Building a team of IT experts to enact these components requires new skills and scaling up resources for many organisations in the public and private sectors. The Fortinet Training institution has released a report stating that “organizations are turning increasingly to AI to strengthen their capabilities and posture, even as they acknowledge AI could also be used against them as an engine of new or improved cyberattacks. The majority (80%) say AI tools are helping their IT and security teams be more effective” but this cannot be accomplished without skilled cybersecurity professionals to ensure proper defense. 

Experts in cybersecurity need to understand how hackers are using AI to attack an organisation's digital vulnerabilities. Akamai explains that the AI that is developed by hackers enables them to “more effectively, avoid detection, execute more sophisticated attacks, and scale their operations.” They also explain sophistication level in the chart below:

The level of sophistication of AI hacking was demonstrated by the GTG-1002 attack that was disclosed by Anthropic in November 2025. A Chinese state-sponsored hacking group infiltrated Anthropic’s AI to weaponise their chatbot Claude. According to PCQuest, the hackers

“built false personas that framed the activity as legitimate penetration testing. Prompts were written to match the tone and workflow patterns of routine security operations. Each malicious action was broken into small requests that appeared harmless. This allowed them to avoid safety systems that would block requests if presented as a full chain.”

When Anthropic released their report of the attack, the revealed that “revealed a well-resourced, professionally coordinated operation involving multiple simultaneous targeted intrusions. The operation targeted roughly 30 entities and our investigation validated a handful of successful intrusions.” These entities include private and public organisations, including “included major technology corporations, financial institutions, chemical industries, and government agencies from various countries.” Luckily, the hack was not flawless as the “hacking group had to contend with Claude overstating its abilities, fabricating data and occasionally claiming credit for stealing information it had actually found on the public internet.” AI has not reached a level where it can be the sole provider for cybersecurity to combat external threats as it is still in early stages of development. The need to secure its vulnerabilities is highlighted here in the first AI-powered cyberattack.

In order to combat these threats, organisations require more than just AI to be able to determine a threat as well as uncover an attack. IT cybersecurity professionals require “human judgement, interpretation and guidance. Soft skills such as analytical and creative thinking, communication, collaboration, and agility will be just as critical in the AI era for managing risk effectively and maintaining resilient security operations.” It does not matter if you are a small organisation or a sovereign state, there is no going back now as AI has changed the game when it comes to cybersecurity.