Agentic AI Drives Surge in Global Cybercrime, Identity Theft, and Ransomware

The article explicitly describes AI systems being used maliciously to conduct cyberattacks autonomously and at scale, resulting in credential theft, ransomware, and insider-enabled attacks. These constitute realized harms to individuals and organizations, including violations of privacy and security. The AI systems' use is central to the incident, fulfilling the criteria for an AI Incident. The article does not merely warn of potential future harm but documents ongoing harm caused by AI-driven cybercrime.

The event involves the use of AI systems (generative AI and malicious LLMs) in cybercrime, which has directly led to large-scale harm including identity theft, malware infections, and ransomware attacks. These harms fall under violations of rights and harm to communities. The article describes realized harm, not just potential harm, and the AI's role is pivotal in enabling these attacks at scale and speed. Therefore, this qualifies as an AI Incident.

The report explicitly identifies a 1,500% increase in AI-related illicit activity and the active use of agentic AI systems to automate cyberattacks, which have directly led to large-scale credential theft, ransomware incidents, and exploitation of vulnerabilities. These outcomes represent realized harms to individuals (identity theft), organizations (ransomware, data breaches), and communities (disruption and harm from cybercrime). The AI systems' development and use by adversaries are pivotal in causing these harms, meeting the criteria for an AI Incident. The article does not merely warn of potential future harm but documents ongoing, significant harm linked to AI-enabled cybercrime.

The article explicitly mentions the use and active development of agentic AI systems in cybercrime, which have directly led to harms such as identity compromise, ransomware extortion, and exploitation of vulnerabilities. The harms described are realized and ongoing, including billions of compromised credentials and increased ransomware incidents. The AI systems are not merely potential threats but are operational and causing significant harm, fulfilling the criteria for an AI Incident. Therefore, this event is best classified as an AI Incident due to the direct and substantial harm caused by AI-enabled malicious activities.

The report explicitly states that agentic AI frameworks are being actively developed and used by threat actors to automate malicious cyber operations without human control, leading to widespread identity compromise, ransomware attacks, and exploitation of vulnerabilities. These activities have directly caused harm to individuals and organizations by compromising credentials, enabling unauthorized access, and facilitating extortion. The AI systems' role is pivotal in accelerating and scaling these harms, meeting the criteria for an AI Incident as defined by the framework.