Text Component
Mutating malware and ransomware: Attackers can leverage AI to quickly write mutating programs that evade traditional detection methods and corrupt data or lock systems down until ransom payments are made. As part of its protective DNS research, security vendor HYAS has demonstrated an autonomous malware proof of concept leveraging generative AI that reads its target environment, determines attack vectors, and generates and tests malware until successful.
If you are a European Union individual, please click here.
For our privacy notice regarding additional rights you may have in certain US states, please click here.
If you are a resident of Brazil, please click here.
If you are a resident of South Africa, please click here.
If you are an individual in the People's Republic of China, please click here.
If you are a resident of Thailand, please click here.
If you are a resident of Canada, please click here.
If you are a resident of the Kingdom of Saudi Arabia, please click here.
If you are a resident of Indonesia, please click here.
As part of our global, entrepreneurial team, you’ll do meaningful work from day one. We’re looking for individuals who challenge the norm, and constantly strive to build something new for the firm and the world around us.
Long Form Text V3
Mutating malware and ransomware:
Americas: Danielle Arceneaux
Asia Pacific: Eva Tong
Europe: Patricia Romero
India, Middle East, Africa: Mohaned Mahgoub
Americas: Danielle Arceneaux
Asia Pacific: Eva Tong
Europe: Patricia Romero
India, Middle East, Africa: Mohaned Mahgoub
Attackers can leverage AI to quickly write mutating programs that evade traditional detection methods and corrupt data or lock systems down until ransom payments are made.
As part of its protective DNS research, security vendor HYAS has demonstrated an autonomous malware proof of concept leveraging generative AI that reads its target environment, determines attack vectors, and generates and tests malware until successful.
Mutating malware and ransomware: Attackers can leverage AI to quickly write mutating programs that evade traditional detection methods and corrupt data or lock systems down until ransom payments are made. As part of its protective DNS research, security vendor HYAS has demonstrated an autonomous malware proof of concept leveraging generative AI that reads its target environment, determines attack vectors, and generates and tests malware until successful.
Mutating malware and ransomware: Attackers can leverage AI to quickly write mutating programs that evade traditional detection methods and corrupt data or lock systems down until ransom payments are made. As part of its protective DNS research, security vendor HYAS has demonstrated an autonomous malware proof of concept leveraging generative AI that reads its target environment, determines attack vectors, and generates and tests malware until successful.
In the relatively short time since ChatGPT was publicly released, artificial intelligence (AI), especially generative AI, has become a weapon of choice for cyberattackers targeting US companies, local governments, and federal agencies. In a survey by security vendor Darktrace of cybersecurity and IT professionals, 74% of participants agreed that AI-powered threats now pose a significant challenge for their organization.
Mutating malware and ransomware: Attackers can leverage AI to quickly write mutating programs that evade traditional detection methods and corrupt data or lock systems down until ransom payments are made. As part of its protective DNS research, security vendor HYAS has demonstrated an autonomous malware proof of concept leveraging generative AI that reads its target environment, determines attack vectors, and generates and tests malware until successful.
The imperative to revamp or reinforce cyber defenses
In the face of these advanced AI-driven threats, traditional cyber defenses such as signature-based antivirus software and rule-based intrusion detection systems are insufficient. It is imperative to determine and deploy a more adaptive and intelligent cybersecurity framework with pillars including:
If you have any questions in relation to this Privacy Notice, please contact owglegalandcompliance@oliverwyman.com.
Cookies policy
We use cookies on the websites. If available, you can opt-out of our use of certain cookies using our Cookie Management Tool linked at the bottom of the site. To find out more about how we use cookies, please see our Cookies Policy here.
If you have any questions in relation to this Privacy Notice, please contact owglegalandcompliance@oliverwyman.com.
Cookies policy
We use cookies on the websites. If available, you can opt-out of our use of certain cookies using our Cookie Management Tool linked at the bottom of the site. To find out more about how we use cookies, please see our Cookies Policy here.
If you have any questions in relation to this Privacy Notice, please contact owglegalandcompliance@oliverwyman.com.
Cookies policy
We use cookies on the websites. If available, you can opt-out of our use of certain cookies using our Cookie Management Tool linked at the bottom of the site. To find out more about how we use cookies, please see our Cookies Policy here.
AI-powered threat detection: Organizations must invest in advanced threat detection systems that use AI, including machine learning and deep learning, to identify and mitigate evolving cyber threats. These systems can analyze vast amounts of data from many different sources in real time, detecting patterns and anomalies that may indicate potential attacks.
Adaptive access controls in cybersecurity measures: Traditional access controls based on static rules may not be sufficient to counter the dynamic nature of AI-driven threats. Firms should implement AI systems that dynamically alter user permissions based on user identity, user purpose, and contextual information that informs the level of security risk (such as authentication strength or user physical location). Such systems are more likely to restrict malicious actors' access level and power if they do succeed in infiltration.
Cybersecurity awareness training: According to Verizon’s 2025 Data Breach Investigation Report, around 60% of data breaches involve a human element — that is, mistakes made within an organization that could be positively affected by training and awareness. Providing comprehensive security awareness training to employees about the risks associated with AI-generated content, such as convincing phishing emails or deepfake voice and video imitations, is critical for enabling them to make informed decisions and avoid falling victim to cyberattacks.
