Prepare For AI-Augmented Cybercrime
AI is no longer just a tool for defenders; it’s now a weapon in the hands of cybercriminals. Anthropic’s August 2025 Threat Intelligence Report reveals our new reality: Threat actors are using AI not just to assist but to actively orchestrate cyberattacks. This includes automating phishing campaigns, bypassing security controls, and exfiltrating sensitive data, often without human intervention.
AI Scales Cybercrime Faster Than We Can Defend Against It
The report outlines how Claude, Anthropic’s agentic AI coding assistant, was misused in multiple sophisticated campaigns. One standout case, dubbed “vibe hacking,” involved a threat actor using Claude Code to automate reconnaissance, credential harvesting, and commit extortion across 17 organizations in sectors ranging from healthcare to emergency services.
Rather than encrypting systems, the attacker used Claude to exfiltrate sensitive data and craft psychologically targeted ransom notes. These notes were embedded into victim machines and tailored to each organization.
Key takeaway for CISOs: Recognize the speed and scale shift of adversaries. AI enables attackers to scale operations with minimal technical skill. Your adversary may not be a seasoned hacker. They may just be good at prompting an AI agent. Include AI-assisted adversaries in your risk assessments and augment your detection and response capabilities with managed detection and response.
AI Simulates Competence To Infiltrate Your Workforce
Another case exposed how North Korean operatives used Claude to secure remote tech jobs at Western companies. These actors couldn’t write code or communicate professionally without AI assistance, yet they passed interviews and performed satisfactory work.
Claude helped them:
Generate fake resumes and portfolios.
Prepare for interviews.
Deliver front-end and scripting work.
Maintain daily communications with teams.
Key takeaway for CISOs: Invest in AI detection, as AI now enables insider risk. Vetting technical competence and monitoring behavioral anomalies in remote workers is now a critical security function. Turn to The CISO’s Primer For Defining Human-Element Breaches and Best Practices: Insider Risk Management for more details on how to handle this issue. Traditional security tools won’t catch synthetic personas. This reinforces the advice in our Budget Planning Guide 2026: Security And Risk to experiment with deepfake detection to combat these threats.
No-Code Ransomware As A Service
A UK-based threat actor used Claude to build and sell ransomware kits on dark web forums. Anthropic shared that these kits featured ChaCha20 encryption, anti-endpoint detection and response techniques, and stealthy delivery mechanisms all created by someone who, it appeared, couldn’t code without AI.
Claude enabled:
Direct syscall evasion.
Shadow copy deletion.
Modular malware architecture.
Commercial packaging with PHP consoles.
Key takeaway for CISOs: The barrier to entry for ransomware development disappeared. Expect more frequent attacks from less experienced actors. This makes prioritizing your ransomware readiness and response efforts more important than ever.
AI Is Powering End-To-End Fraud Ecosystems
From carding stores to romance scam bots, AI is now embedded across the fraud supply chain. According to Anthropic, threat actors used Claude to:
Analyze stealer logs and build victim profiles.
Automate credit card validation across multiple APIs.
Generate emotionally intelligent scam messages.
Create synthetic identities for financial fraud.
Key takeaway for CISOs: Fraud is no longer manual. AI enables real-time adaptation, behavioral targeting, and operational resilience for adversaries. Use fraud management tools that incorporate generative AI to combat AI-enabled fraud.
These are just excerpts from a few of the fantastic case studies detailed in the full Anthropic Threat Intelligence Report from August 2025 — it’s a must-read for CISOs and their teams.
Connect With Us
Forrester clients can schedule an inquiry or guidance session to discuss attackers’ use of AI, AI for cybersecurity, human-element breaches, and insider risk (among many other security topics).
You can also connect with us and learn more about securing AI and using it for cybersecurity at the upcoming Forrester Security & Risk Summit. The event is packed with visionary keynotes, informative breakout sessions, interactive workshops, insightful roundtables, and other special programs to help you master risk and conquer chaos. Join us November 5–7 in Austin, Texas — we can’t wait to see you there!
