AI‑Fueled Cyber Threats Rise

Security researchers and vendors warned at RSAC and in global threat reports that attackers are using AI to speed lateral movement and bypass defenses in corporate networks. Faster ‘breakout’ times and credential misuse mean logistics operators face higher operational risk, since 3PLs and fulfillment platforms hold sensitive customer and routing data. The trend raises urgency around segmentation, asset visibility, and vetted third‑party controls. (darkreading.com) (esecurityplanet.com)

CrowdStrike’s 2026 Global Threat Report measured a sharp jump in attacker speed: the average time from initial access to lateral movement fell to 29 minutes in 2025, and the fastest observed “breakout” happened in 27 seconds, while activity by AI‑assisted attackers rose 89% year‑over‑year. (crowdstrike.com)

The report also found that 82% of detections in 2025 were malware‑free, meaning intrusions often run through valid accounts, approved cloud services, and normal business workflows rather than obvious malicious files, and CrowdStrike notes attackers are increasingly weaponizing legitimate generative AI tools to generate commands and phishing content at scale. (crowdstrike.com)

“Breakout time” is the interval between an attacker’s first foothold and their ability to move onto other systems, and AI shortens that interval by automating reconnaissance (automated scanning and mapping of a network) and by running chains of steps automatically through so‑called agentic AI — autonomous software agents that can execute multi‑step tasks with minimal human input. (crowdstrike.com)

Attackers are also relying on “living‑off‑the‑land” tactics — using legitimate tools and services already present in a network so their activity looks normal — combined with credential abuse (using valid usernames and passwords) to blend into routine operations, which reduces the window for manual detection and containment. (esecurityplanet.com)

CrowdStrike’s executive summary adds specific pressure points: cloud‑focused intrusions rose 37% in 2025 with a 266% jump among state‑nexus actors, valid account abuse accounted for a large share of cloud incidents, and exploitation of zero‑day vulnerabilities (software flaws attacked before patches are public) increased by 42%. (crowdstrike.com)

Vendors and service providers responded publicly at RSAC with AI‑native defenses aimed at closing the speed gap — for example, Booz Allen launched an AI‑driven product suite called Vellox and major security firms showcased new detection and governance tools that embed AI for autonomous mapping, detection, and response. (businesswire.com) (crn.com)
