ESET Ireland has issued a warning regarding the increasing use of AI coding assistants by cybercriminals, a trend that is accelerating the speed and efficiency of cyberattacks. The alert aligns with recent reports of an attacker leveraging an AI chatbot to assist in cyber intrusions targeting government systems, particularly in identifying vulnerabilities and enhancing scripting and automation processes.
George Foley, spokesperson for ESET Ireland, emphasized that the focus should not be on the specific country involved but rather on the evolving methods of attack. “This is what’s changing. The grunt work is getting easier to industrialise. If a criminal can use an AI tool to move faster, iterate faster and automate more, the gap between ‘trying it’ and ‘doing damage’ gets smaller,” he stated.
Foley cautioned organizations against treating this scenario as a case of “AI panic.” He clarified, “AI doesn’t magically break into networks. The usual doors still matter—weak passwords, excessive access, unpatched systems, and people clicking what they shouldn’t. AI just helps attackers work through those opportunities at speed.” This underscores the reality that while AI can enhance cyber threats, the traditional vulnerabilities remain critical points of concern.
ESET Research has previously highlighted the emergence of PromptLock, a ransomware variant that incorporates generative AI into its execution. This case exemplifies how the misuse of AI is transitioning from theoretical discussions into practical applications in the realm of cybersecurity threats.
The timing of these developments is significant, as many Irish organizations are increasingly subject to board-level accountability for cybersecurity under the EU’s NIS2 directive, which aims to bolster cybersecurity standards across various sectors. Foley remarked, “The organizations that will cope best are the ones that have basics nailed down and ownership nailed down. Who can access what? Who approves changes? Who gets alerted when data starts moving in ways it shouldn’t? And who runs the response when something goes wrong?”
He highlighted that the priorities for organizations should be straightforward: tightening identity and access controls, reducing administrative privileges, patching known vulnerabilities quickly, monitoring for unusual data movements, and ensuring that employees are educated about modern phishing and social engineering tactics as we move further into 2026.
As the landscape of cyber threats continues to evolve with the incorporation of AI tools, organizations are urged to remain vigilant and proactive in their cybersecurity measures. The integration of advanced technologies by malicious actors necessitates a robust response and a commitment to cybersecurity best practices to mitigate risks effectively.
See also
Anthropic’s Claims of AI-Driven Cyberattacks Raise Industry Skepticism
Anthropic Reports AI-Driven Cyberattack Linked to Chinese Espionage
Quantum Computing Threatens Current Cryptography, Experts Seek Solutions
Anthropic’s Claude AI exploited in significant cyber-espionage operation
AI Poisoning Attacks Surge 40%: Businesses Face Growing Cybersecurity Risks
