13-05-2025
Mandiant founder warns of AI-powered cyberattacks
Kevin Mandia, one of the most prolific cyber entrepreneurs and investors, predicts the world is only a year away from an AI-agent-enabled cyberattack.
Why it matters: Mandia warned that chances are the world won't even know an AI tool was the perpetrator.
"Everybody's going to look at that, wonder how that got done, and it's probably AI behind it," he told Axios on the sidelines of the RSA Conference last month.
The big picture: AI doomsday scenarios have haunted cyber pros for decades, but the introduction of generative AI hypercharged their fears.
Some have predicted we'll see autonomous cyber weapons that can evade security tools in the wild by 2027.
Others predict that one day the robots will be fighting robots.
Catch up quick: Mandia founded famed cybersecurity incident response company Mandiant in the early 2000s.
Although he stepped down as CEO last year, his company has been at the frontlines of major nation-state attacks and cybercriminal investigations.
Mandia is also now a founder and general partner at Ballistic Ventures.
Zoom in: The type of attack Mandia is predicting will likely come from the cybercriminal side of the world, rather than nation-states, he said.
Mandia added that the first iteration of any new attack style is typically "a bit sloppy" and that foreign adversaries like China are more likely to take their time before rushing to follow suit.
"There is enough R&D happening right now on how to use AI [at legitimate organizations] that the criminal element is doing that R&D as well," he said.
Yes, but: Models from OpenAI, Anthropic and other popular AI companies aren't likely to be involved in the attack that Mandia is predicting.
Those models are "pretty darn good" at blocking such blatant violations of their safety parameters.
"It's going to come from some model that's somewhere out there that's less controlled," he said.
Reality check: Chester Wisniewski, global field CISO at Sophos, told Axios that cybercriminals may already have the capabilities — but many of them don't have a real incentive to tap into them yet.
"Fortunately today, cybercriminals are really lazy, and because we keep leaving our wallets open with large sums of cash in them, they're happy to just steal the money and move on and not do anything fancy," Wisniewski said.
Flashback: Mandia pointed to a 2001 case where the FBI arrested two Russian hackers who had programmed scripts to automate eBay purchases using stolen credit cards.
"If they would automate all these eBay selling motions" in the early 2000s, he said, "trust me, there's already an AI agent doing this."
What to watch: Cyber defenders have been bullish on the promise of AI to help them better protect their networks and datasets.
