Industry News & Leadership · Apr 07, 2026

The New Rules of Engagement: Matching Agentic Attack Speed

Security Week · Archived Apr 07, 2026

The cybersecurity response to AI-enabled nation-state threats cannot be incremental. It must be architectural.



The cybersecurity industry has been drowning in waves of speculation about the impact of AI-enabled attacks since ChatGPT was launched. Today, that speculation has come crashing down. AI-enabled cyberwarfare isn’t coming, it’s here.

In September 2025, Anthropic reported the first documented case of a large-scale cyberattack executed without substantial human intervention. Additionally, Armis’ 2026 State of Cyberwarfare Report (PDF) found that 92% of IT decision-makers in the U.S. are concerned about the impact of cyberwarfare on their organizations, with 64% reporting that they have already been impacted by an AI-generated or AI-led attack over the last 12 months.

Attackers are now operating at machine speed, but most defenders remain anchored to human processes and static intelligence. The gap between threat actors and cybersecurity is accelerating. Nearly half (45%) of U.S. IT decision-makers are still detecting and responding to a significant cyberattack as it occurs or after the damage has already been done.

In the face of this widening gap, the most basic vulnerabilities become the most dangerous. Testifying before the U.S. House Committee on Homeland Security in December 2025, Royal Hansen, Vice President of Privacy, Safety, and Security Engineering at Google, attested, “it is clear that legacy systems, misconfigured cloud environments, and the exploitation of known vulnerabilities remain significant concerns.” The solution, in Hansen’s words: “AI allows security professionals and defenders to scale and accelerate their work in threat detection, malware analysis, vulnerability detection, vulnerability fixing and incident response.”

As nation-state threat actors deploy autonomous agents to scale their operations, cybersecurity must do the same. The industry needs to pivot toward collective, agentic defense mechanisms; specifically, a “hive mind” architecture to share collective intelligence.

The Rise of the Machines

The democratization of AI-enabled cyberattacks is no longer speculation – it is an observed trajectory. A Chinese state-sponsored threat actor, GTG-1002, weaponized Claude Code (an agentic coding assistant) into an autonomous attack platform. According to Anthropic, human operators just made four to six strategic decisions per campaign, such as selecting targets and authorizing escalation. The AI executed everything else.

Under the control of GTG-1002, Claude mapped the complete network topology across multiple IP ranges, identified high-value systems, queried databases, extracted data, and parsed results to identify proprietary information. Anthropic estimated that Claude executed 80-90% of the attack independently, issuing thousands of requests per second – “an attack speed that would have been, for human hackers, simply impossible to match.”

As Anthropic noted in its disclosure, any AI model with comparable capabilities could be exploited in the same way. The barrier to conducting these attacks has dropped, and it is not coming back.

A Legacy of Vulnerabilities

The GTG-1002 attack did not emerge in a vacuum. The threat landscape is already full of nation-state threat actors exploiting vulnerable attack surfaces that agentic AI is now positioned to discover and exploit at scale.

For example, Salt Typhoon, another Chinese state-sponsored threat actor, has been active since at least 2019. According to the FBI, the group has breached more than 200 organizations across more than 80 countries. Its primary targets have been telecommunications providers, enabling Chinese intelligence access to call records, text messages, and phone audio from senior government officials.

In February 2026, Michael Machtinger, Deputy Assistant Director for Cyber Intelligence at the FBI, said that “the threat posed by Salt Typhoon actors and the rest of the PRC intelligence apparatus and enabling infrastructure is still very, very much ongoing.” Like Hansen, Machtinger also contends that “despite all the advances in cybersecurity tools and strategies, it is still the most basic vulnerabilities that provide entry points.”

The problem is clear. Signature-based detection cannot identify polymorphic malware. Manual triage cannot match autonomous reconnaissance. Static intelligence is yesterday’s news and today’s headline. The defenders who rely on traditional solutions cannot prevent the attacks of tomorrow.

Enter “The Hive Mind” – Collective Defense

Cybersecurity must adopt autonomous, distributed, machine-speed intelligence to combat threats that operate in the same way. Ad hoc security tools and siloed threat intelligence cannot match the velocity of agentic cyberattacks.

The agentic era enables a new architecture: a shift to collective defense. Think of it like Waze for cybersecurity. Organizations can leverage real-time telemetry from millions of signals to identify, contextualize, and respond to threats as they emerge. Federated learning enables organizations to train shared AI models on distributed datasets without exposing proprietary information. Differential privacy techniques ensure that collective intelligence cannot be reverse engineered to specific organizations.

The industry does not suffer from a shortage of vulnerability data. If anything, they are trying to make sense of too much data. The key is context. Organizations require context within their own environments to prioritize a response to their greatest risks and threats. Collective defense can provide even more context into the behavioral patterns of threats. Rather than matching known signatures, behavioral analytics identifies anomalous patterns that are indicative of an attack.

When one organization encounters a novel attack pattern, the entire collective benefits from the intelligence within seconds, not days.

The cybersecurity response to AI-enabled nation-state threats cannot be incremental. It must be architectural. Collective defense is a force multiplier. The adversary has already automated its offense. Will defenders be able to do the same?

Written by Nadir Izrael

Nadir Izrael is Co-founder and CTO at Armis. He co-founded Armis in 2015 with his friend and army colleague, Yevgeny Dibrov, after the two started looking for new and interesting problems to solve in technology. Prior to founding Armis, Nadir spent four years as a senior software manager at Google, working on Google Maps and Google Autocomplete. He began his career in the Israel Defense Forces in the elite Unit 8200 intelligence corps where he served first as a software developer and then as a team leader, ultimately achieving the rank of captain.