The technology company Anthropic has identified a substantial increase in the use of large language models and artificial intelligence tools for the execution of malicious cyber activities. The study covered the analysis of 832 accounts banned from the platform between 2025 and 2026.
The data confirms that the technology has moved from being a promise of productivity to becoming a direct vector for compromising critical infrastructure. The ease in creating malicious code allows actors with lower technical knowledge to carry out complex incursions.
The mechanics of digital threats
The survey conducted by the company details the behavior of networks that were targeted for permanent removal. The growing sophistication demonstrates that the barrier to entry for cybercrime has decreased drastically under the aegis of algorithmic automation.
- 67 percent of banned accounts used AI for malware development.
- Recorded increase in the use of AI for lateral movement in compromised networks.
- Acceleration of social engineering processes aimed at credential harvesting.
The fragility of contemporary digital structures
The ability to generate code quickly and iteratively overwhelms incident response teams. While companies and government bodies try to update their defense protocols, attackers use AI to find vulnerabilities in real time, in a cycle of constant adaptation.
This situation reflects a structural asymmetry in the cybersecurity economy. The cost to develop an attack tool based on AI models is marginally low, while the cost to mitigate intrusions grows exponentially, forcing governments and corporations into heavy spending.
Consequences of technological asymmetry
The United States regime, which holds hegemony over the basic infrastructure of these technologies, deals with a contradiction inherent in its economic model. The drive for global technological dominance by Big Tech has prioritized scale and profit, neglecting the integrity and security of the digital ecosystems that support modern life.
The inability to contain these abuses demonstrates that the current regulatory framework is insufficient in the face of the speed of algorithm operations. If access to these tools is not accompanied by severe legal accountability for developers, the stability of public and private institutions will remain under permanent risk of cyber subversion.
