AI lowers attack barriers, Google intel chief warns

Google Threat Intelligence Vice President Sandra Joyce warned that artificial intelligence is rapidly lowering the technical barriers for cyber attackers, enabling threat groups to scale operations, accelerate intrusion timelines, and automate workflows, though fully autonomous agentic attacks have yet to be observed in the wild, Security Brief Asia reports.

Joyce highlighted that attackers are experimenting with open-source tools like HexStrike MCP, originally designed for red teams, while one China-based actor attempted to disguise malicious activity by framing it as a capture-the-flag exercise when querying Gemini for guidance. The immediate danger lies in the democratization of vulnerability scanning and code-writing capabilities, which Joyce said will pose "a real problem" for organizations with poor patch management as these tools improve.

Internally, Google has deployed agentic AI for dark web analysis, training Gemini to interpret criminal forum slang across multiple languages, slashing false positive rates from ninety percent to achieve ninety-eight percent accuracy. The company has also begun integrating threat intelligence into its newly acquired Wiz platform, aiming to deliver red teaming exercises informed by adversary activity from the prior week rather than months-old techniques.