How AI is reshaping cybersecurity
April 27
Late in 2025, state-sponsored Chinese hackers used artificial intelligence technology to infiltrate the computer systems of roughly 30 companies and government agencies worldwide, according to Anthropic, an American artificial intelligence safety and research company.
According to Anthropic, this is the first reported case of a cyberattack in which AI technologies had gathered sensitive information with limited help from human operators. Human hackers, Anthropic said, handled about 10 to 20% of the work needed to conduct the attack.
Nadya Bliss, Executive Director for the Advanced Capabilities for National Security Institute at Arizona State University, joined “Arizona Horizon” to discuss cybersecurity in the era of AI.
Bliss explained technology from Anthropic, OpenAI, Google and other companies could allow hackers to identify security holes in computer systems far faster than in the past, raising the stakes in the decades-long fight between hackers and the cybersecurity experts guarding computer networks.
The latest AI can be used for both offense and defense, Bliss said. As hackers deploy AI to break and steal, security experts are also leaning on AI to spot flaws in their systems, which includes those areas that have gone unnoticed for decades. The question is, who finds the flaws first?
“It’s probably not the first,” Bliss said, “but this has gotten a significant amount of visibility because the rate at which these models can identify vulnerabilities and exploit them is basically at the level of expert hackers.”
Bliss explained the fundamental shift occurring in the AI landscape: a program that would previously require an expert human hacker now doesn’t require humans at all. She emphasized AI has been in development for decades, as she recalled teaching an artificial intelligence course at Cornell University roughly 20 years ago.
“The adoption and penetration of these systems has created this very different type of attack, environment and defense environment,” Bliss said. “So you can think of it as a very scary thing, because attackers now don’t need sophisticated hacking knowledge. But at the same time, it can also be a pretty positive thing because defenders can build those defenses.”
