Main Logo Expert commentary on tech and security

Preparing for the coming AI cyber storm

Gil Baram 14 February 2025
Share On:
The rise of artificial intelligence brings new risks and new tools for cybersecurity. Collaboration, risk assessment, and intelligence sharing can help the EU prepare and defend
Main Top Image
Visual created by Martin Rästa

Cyberattacks in the European Union rose by 24% in 2024 compared to the previous year and ransomware remained the primary threat. Cybercriminals are using AI-enabled automation to enhance their cyber capabilities and achieve their goals faster. As artificial intelligence (AI) continues to evolve, it is reshaping both offensive and defensive capabilities in cybersecurity and expanding the scope and scale of cyberattacks. 

This technological shift presents European policymakers with a complex challenge: harnessing AI’s potential to strengthen defences while mitigating its use in sophisticated attacks. The nexus of AI and cybersecurity is not just a technical issue but a strategic concern that will shape Europe’s digital resilience in the coming years.

AI and cybersecurity today: more of the same but in scale

Generative AI has emerged as a double-edged sword in the cybersecurity realm. While security vendors leverage AI-powered tools to enhance analysts’ productivity, cybercriminals exploit the same technologies to create more convincing phishing attacks, deepfakes, and social engineering campaigns

Cybercriminals are increasingly using AI tools to automate and enhance various aspects of their operations, from social engineering to the creation of malicious software. AI-powered attacks, such as sophisticated distributed denial-of-service and brute force attacks, are becoming more frequent and difficult to counter

The Europol Internet Organised Crime Threat Assessment 2024 report notes that phishing remains the most prevalent vector of attack, with AI tools refining fraudsters’ social engineering capabilities. AI tools can quickly utilise information from data breaches, draft convincing and grammatically correct emails, and even clone the voices of trusted contacts. 

Additionally, the EU is urging major tech platforms to identify AI-generated content to safeguard elections from disinformation. For example, AI can create fake statements or actions attributed to political figures or amplify polarizing narratives through tailored content. While AI also offers benefits like improving cybersecurity and detecting fraud, its misuse underscores the need for safeguards to protect democratic integrity.

In response, AI can be employed to enhance identity and access management, improve phishing detection, and enable adaptive security measures. Predictive analytics powered by AI are also used to anticipate emerging threats, providing early warnings for preventive measures. However, the cat-and-mouse game between attackers and defenders continues to escalate. While AI is already reshaping cybersecurity practices, the horizon reveals even more complex challenges that defenders worldwide must prepare for.

AI and cybersecurity in the (not too far) future: AI agents and swarms 

As AI technology advances, Europe faces emerging threats that could redefine cybersecurity. 

Agentic AI swarms, currently still in their initial stage, represent the next phase in the evolution of generative AI. These systems allow developers to create multiple specialised AI tools that can work together autonomously, amplifying the scale and sophistication of cyberattacks. In this scenario, individual AI agents could be developed for specific tasks, such as reconnaissance, exploitation, and data exfiltration, and work in concert to overwhelm defences. Each agent in the swarm would perform a distinct role, making the attack highly effective and difficult to counter. These swarm attacks could act like digital mobs, overwhelming defences through sheer volume and speed.

Another emerging threat is the potential for AI versus AI warfare, where attackers deploy AI systems specifically to disrupt or outmanoeuvre defensive AI tools. This could include techniques like model poisoning, where attackers manipulate the training data or algorithms of security AI systems to make them ineffective.

The spread of advanced attack tools is also a concern. As AI technologies become cheaper and more accessible, even unsophisticated actors can launch complex attacks. This widening potential attacker pool creates a far more unpredictable threat landscape. These future threats underscore the need for organisations and countries to adopt equally advanced AI-powered defences and to develop new strategies for detecting and mitigating attacks from autonomous AI systems. 

Fortifying Europe’s digital defences

Enhance the European Cybersecurity Shield with AI-focused threat intelligence

Building upon the foundation of the European Cybersecurity Shield, the EU should consider developing an AI-focused threat intelligence component. This enhancement would align with the Shield’s goal of improving cyber threat detection capabilities across member states. The AI-focused component could: (1) facilitate the sharing of AI-specific cyber threat intelligence among national and cross-border security operations centres (SOCs); (2) develop standardised protocols for identifying, analyzing, and responding to AI-enabled cyber threats; and (3) create a centralised repository of AI-related cyber threat indicators and attack patterns.

The European Commission has proposed allocating up to €842.8 million ($877.7 million) for cybersecurity actions under the Digital Europe Program, with a significant portion dedicated to implementing the European Cybersecurity Shield. This initiative will enhance real-time threat detection and response capabilities, strengthening the EU’s collective cyber resilience. The EU launched the first phase in November 2022, selecting three consortia of cross-border SOCs, bringing together public bodies from 17 member states and Iceland.

Implement an AI threat simulation environment

To complement the EU Policy on Cyber Defence’s aim of strengthening cyber defence capabilities and coordination between military and civilian cyber communities, an AI threat simulation environment should be established. This environment would: provide a controlled platform for cybersecurity professionals to test defences against simulated AI-powered attacks; offer realistic scenarios that reflect emerging AI-enabled threat vectors; and enable collaborative exercises involving both public and private sector entities to improve coordinated response capabilities. 

An AI threat simulation environment within an EU-wide AI threat intelligence platform could be modelled after the CyberRange platform developed by Airbus. This advanced simulation and training solution allows organisations to build complex virtual and physical systems to work through realistic scenarios, including AI-enabled cyberattacks. The platform could build trust and cooperation among a network of cybersecurity centres and a central competence hub, offering dependable and secure incident handling, collaboration, and early information-sharing capabilities. This initiative will enhance the EU’s collective ability to detect, analyse, and respond to AI-related cyber threats.

Integrate AI risk assessment into existing frameworks

Furthermore, the EU should require organisations deploying high-risk AI systems in cybersecurity to conduct and document regular risk assessments and focus on potential biases, vulnerabilities, and unintended consequences of AI systems. The EU AI Act categorises AI systems into four risk levels: unacceptable, high, limited, and minimal. It mandates providers of high-risk systems to ensure their applications comply with cybersecurity requirements and undergo a compliance assessment before being placed on the market or becoming operational in the EU. 

Leveraging the risk-based approach of the EU AI Act, AI-specific risk assessments should be integrated into existing cybersecurity frameworks. 

The EU should: 

  1. Develop guidelines for assessing the potential risks of AI systems used in cybersecurity applications; 
  2. Require organizations deploying high-risk AI systems in cybersecurity to conduct and document regular risk assessments, focusing on potential biases, vulnerabilities, and unintended consequences; and
  3. Align these assessments with the European Cybersecurity Shield’s threat detection and information sharing capabilities.

By implementing these recommendations, the EU can enhance its preparedness for AI-enabled cyber threats while strengthening existing cybersecurity initiatives and policies. By prioritising cross-border collaboration, conducting thorough risk assessments, and proactively sharing threat intelligence, Europe can significantly improve its collective ability to detect and respond to transnational AI-enabled cyber threats, positioning itself as a global leader in the field.

This essay was awarded 3rd place in the AI-Cybersecurity Essay Prize Competition 2024-2025, organised in partnership between Binding Hook and the Munich Security Conference (MSC), and sponsored by Google.

avatar
Gil Baram

Related

Featured image
Binding Edge
When tech markets fail, lemons prevail
Nils Brinker 7 August 2024
Read more arrow
Featured image
Binding Edge
The Uncertainty Maschine
Gavin Wilde 8 February 2024
Read more arrow
Featured image
Binding Edge
Pell Mell or Pas Mal? Governing commercial cyber intrusion capabilities
James Shires 11 November 2024
Read more arrow

Terms and Conditions for the AI-Cybersecurity Essay Prize Competition

Introduction

The AI-Cybersecurity Essay Prize Competition (the “Competition”) is organized by Virtual Routes (“Virtual Routes”) in partnership with the Munich Security Conference (“MSC”). It is sponsored by Google (the “Sponsor”). By entering the Competition, participants agree to these Terms and Conditions (T&Cs).

Eligibility

The Competition is open to individuals worldwide who are experts in the fields of cybersecurity and artificial intelligence (“AI”). Participants must ensure that their participation complies with local laws and regulations.

Submission Guidelines

Essays must address the question: “How will Artificial Intelligence change cybersecurity, and what are the implications for Europe? Discuss potential strategies that policymakers can adopt to navigate these changes.”

Submissions must be original, unpublished works between 800-1200 words, excluding footnotes but including hyperlinks for references.

Essays must be submitted by 2 January 2025, 00:00 am CET., through the official submission portal provided by Virtual Routes.

Only single-authored essays are accepted. Co-authored submissions will not be considered.

Participants are responsible for ensuring their submissions do not infringe upon the intellectual property rights of third parties.

Judging and Awards

Essays will be judged based on insightfulness, relevance, originality, clarity, and evidence by a review board comprising distinguished figures from academia, industry, and government.

The decision of the review board is final and binding in all matters related to the Competition.

Prizes are as follows: 1st Place: €10,000; Runner-Up: €5,000; 3rd Place: €2,500; 4th-5th Places: €1,000 each. The winner will also be invited to attend The Munich Security Conference

Intellectual Property Rights

The author retains ownership of the submitted essay.

By submitting the essay, the author grants Virtual Routes exclusive, royalty-free rights to use, reproduce, publish, distribute, and display the essay for purposes related to the Competition, including but not limited to educational, promotional, and research-related activities.

The author represents, warrants, and agrees that no essay submitted as part of the essay prize competition violates or infringes upon the rights of any third party, including copyright, trademark, privacy, publicity, or other personal or proprietary rights, breaches, or conflicts with any obligation, such as a confidentiality obligation, or contains libellous, defamatory, or otherwise unlawful material.

The author agrees that the organizers can use your name (or your pseudonym) and an image of you in association with your essay for purposes of publicity, promotion and any other activity related to the exercise of its rights under these Terms.

The organizers may remove any essay-related content from its platforms at any time and without explanation.

The organizers may block contributions from particular email or IP addresses without notice or explanation.

The organizers may enable advertising on its platforms and associated social media accounts, including in connection with the display of your essay. The organizers may also use your Material to promote its products and services.

The organizers may, at its sole discretion, categorise Material, whether by means of ranking according to popularity or by any other criteria.

Data Protection

Personal information collected in connection with the Competition will be processed in accordance with Virtual Routes’ Privacy Policy. Participants agree to the collection, processing, and storage of their personal data for the purposes of the Competition.

Liability and Indemnity

Virtual Routes, MSC, and the Sponsor will not be liable for any damages arising from participation in the Competition, except where prohibited by law.

Participants agree to indemnify Virtual Routes, MSC, and the Sponsor against any claims, damages, or losses resulting from a breach of these T&Cs.

General Conditions

Virtual Routes reserves the right to cancel, suspend, or modify the Competition or these T&Cs if fraud, technical failures, or any other factor beyond Virtual Routes’ reasonable control impairs the integrity or proper functioning of the Competition, as determined by Virtual Routes in its sole discretion.

Any attempt by any person to deliberately undermine the legitimate operation of the Competition may be a violation of criminal and civil law, and, should such an attempt be made, Virtual Routes reserves the right to seek damages from any such person to the fullest extent permitted by law.

Governing Law

These Terms and Conditions are governed by the laws of the United Kingdom, without regard to its conflict of law principles. Any dispute arising out of or in connection with these Terms and Conditions, including any question regarding its existence, validity, or termination, shall be referred to and finally resolved by the courts of the United Kingdom. The participants agree to submit to the exclusive jurisdiction of the courts located in the United Kingdom for the resolution of all disputes arising from or related to these Terms and Conditions or the Competition.