APT10 never breached its actual targets. It breached the companies managing them. And what came to pass was one of the most consequential demonstrations of how trust in shared infrastructure becomes a structural attack surface.
Tackling sophisticated AI scrapers requires tracking behavioral intent across sessions, not relying on metrics built for a different generation of threat.
AI is no longer a future risk but a present operational reality that is changing the fundamental economics of cyberattacks. As the recent joint warning from the Five Eyes alliance makes clear, the timeline for AI driven cyber threats has accelerated into a matter of months, not years.
A state can now signal resolve, coerce a rival, or degrade an adversary's military capability without firing a physical weapon. Cybersecurity and diplomacy used to run in separate lanes, and that separation no longer holds.
The security frameworks we built over forty years assume that some is behind the action. But agents break that assumption, and most enterprises haven't caught up.
AI is no longer a future risk but a present operational reality that is changing the fundamental economics of cyberattacks. As the recent joint warning from the Five Eyes alliance makes clear, the timeline for AI driven cyber threats has accelerated into a matter of months, not years.
A state can now signal resolve, coerce a rival, or degrade an adversary's military capability without firing a physical weapon. Cybersecurity and diplomacy used to run in separate lanes, and that separation no longer holds.
The security frameworks we built over forty years assume that some is behind the action. But agents break that assumption, and most enterprises haven't caught up.
In 1996, attackers didn't need to break into US networks. They used authorized access to exfiltrate data undetected for two years. Today, autonomous AI is exposing that exact same security blind spot.