Ransomware Is Getting Smarter: How AI Is Changing the Threat Landscape
Editor’s note: In recognition of National Cybersecurity Awareness Month this October, we are publishing a series of blog posts dedicated to educating and informing you about cybersecurity practices. This is the 10th in a series of posts. Below, you can find a list of links to the rest of the series:
- FBI’s Warning: How to Protect Yourself from AI-powered Schemes
- Stuck on Windows 10? Here Are Your Options After Support Ends
- Job Scam Texts are On the Rise: Here are 5 Red Flags to Watch Out For
- Balance in Cybersecurity: Lock the Doors Before Boarding the Windows
- What is a Vishing Scam and How Do I Protect Myself?
- The CIA of Data Security: What It Means and Why It Matters
- Top 3 Cybersecurity Trends We Uncovered from GrrCON 2025
- Why MDR is the Security Team Your Organization Needs
- BYOD for Smartphones: Balancing Security, Privacy and Cost
- Numbers Don’t Lie: Phishing Training Works (Posting Oct. 22)
- Beware: Phishing Attacks Can Now Mimic Your Organization’s Login Page in Real Time (Posting Oct. 27)
- Traveling for Work? Here are the Best and Worst Ways to Connect. (Posting Oct. 28)
- Why You Should Care About Your Organization’s Security Culture Score (Posting Oct. 29)
Generative AI is a great tool for writing emails, creating Excel formulas and automating time-consuming tasks. And because it’s so new, we’re continually learning what is possible.
Unfortunately, it’s already being weaponized to create ransomware, as nearly 75% of phishing kits sold to hackers include AI as a feature. No longer do you need to be an expert coder or proficient in creating malicious software. It does all the hard work for you.
At the heart of the AI-based ransomware is what’s known as AI agentic ransomware. We’ll talk about what that is and what you can do to protect yourself from these emerging threats.
AI Agentic Ransomware: Collaborative Attacks
AI agentic ransomware is a collection of AI bots that perform all the steps needed to carry out a successful ransomware attack, only faster and better than a human can.
Think of AI agentic ransomware like how a house is built. One person might be able to do everything necessary to build it by themself, but most people hire a general contractor. That general contractor hires subcontractors to do the roofing, electrical, plumbing and other aspects of building the house.
Like the subcontractors, each AI bot has a specific duty to perform, and they work together to conduct ransomware attacks.
What can AI agentic ransomware do?
- Find missing patches to exploit: Like outdated versions of Windows or other software
- Steal passwords: Using AI-generated phishing emails
- Encrypt data: Locking down sensitive customer or financial files
- Create deepfake images or videos: Impersonating your CEO asking for a wire transfer
- Ask for a ransom: Often using personalized messages tailored to your or your organization
Once it’s done with its victim, it can self-analyze to determine what could have been done better, updating itself accordingly.
It’s scary to think how easy it is to use and how proficient it is at carrying out attacks, but it’s not all doom and gloom.
Attackers are getting better at disguising their phishing attacks. Don’t wait until someone at your organization falls victim to implement phishing training.
Defending Against AI Agentic Ransomware
So, how do you protect yourself against these advanced threats?
1.) Be skeptical of images and videos
Just like you should have a healthy dose of skepticism regarding emails and text messages you receive, that same level of skepticism should be applied to images and videos.
While not perfect, AI is continually improving at creating fake images or videos of celebrities endorsing fake products or company executives asking for payment or information.
Just because it looks real doesn’t mean it is.
If you receive an unexpected message asking you to do something, research the request or alert your IT staff/managed service provider. These images or videos could go viral on social media, as well, so be wary of untrustworthy accounts that spread misinformation.
2.) Upgrade/replace hardware or software
Not only should you ensure your hardware and software are always up to date with the latest patches, but you should also replace any old devices or software that are no longer supported.
Hardware and software updates fix vulnerabilities that can be exploited by attackers. Once a product isn’t supported, those vulnerabilities can’t be fixed, leaving your organization exposed.
Microsoft, for example, ended support for Windows 10 last week on Oct. 14, 2025. Any computers that cannot upgrade to Windows 11 are vulnerable to new threats.
3.) Use Agentic AI in your security tools
One of the best ways to combat agentic AI ransomware is to use agentic AI for good. Make sure the security tools and services you use not only use AI but are aware of AI-based attacks.
If you’re not sure, talk to your IT staff or MSP. They can tell you what tools do and do not use AI and look into AI-enabled tools for you.
Train Your Team to Spot AI-driven Scams
Attackers are getting better at disguising their phishing attacks. Don’t wait until someone at your organization falls victim to implement phishing training.
If you’re looking to protect your company from cybersecurity threats, contact us to learn how we can help train your employees to spot the telltale signs of a scam.
Stay updated! Get tips and insights delivered to your inbox weekly by subscribing to our newsletter.
