News & Updates

It’s a sad state of affairs but Artificial Intelligence (AI) is now being weaponised as threat actors leverage AI at every stage of the attack lifecycle to launch faster, more widespread and more damaging attacks on businesses. 

Anthropic’s Threat Intelligence Report August 2025 found: 

• AI models are now being used to carry out cyber-attacks at scale 

• AI has lowered the barriers to entry with fewer technical skills required to launch complex attacks 

• Threat actors are integrating AI from start to finish throughout their operations 

• One individual can carry out attacks that previously would have taken a whole team  

This fundamental shift in the threat landscape means cyber criminals can now automate their reconnaissance of businesses, scaling to the scanning thousands of systems, enumerating software versions, analysing configurations, and pinpointing vulnerabilities in Internet-facing business systems and devices faster than ever before. 

Industry threat intelligence reports confirm that external vulnerability exploitation is one of the most prevalent initial access vectors used by attackers to breach the business perimeter.  

According to Mandiant’s M-Trends Report 2025, vulnerability exploitation was the leading initial access method, generating 33% of attacks, including those targeting Internet-facing systems such as web servers, APIs, and edge devices such as firewalls and VPN services. 

Verizon’s 2025 Data Breach Investigations Report also found exploitation of vulnerabilities to be behind 20% of breaches, with attacks on externally facing Internet edge devices and VPNs increasing dramatically from 3% to 22%. 

How Attackers are using AI to Scale their Operations 

• Automated reconnaissance: AI-powered tools can crawl the Internet, identify exposed services, and determine software versions, significantly reducing the time it takes to map an organisation’s external footprint. 

• AI-assisted vulnerability prioritisation: instead of manually reviewing scan data, attackers are now using AI models to correlate against open-source intelligence, CVE data, and exploit descriptions to prioritise which businesses to target as the economy of effort to exploit is low.  

• Adaptive attack automation: AI systems can carry out entire attack sequences with minimal human involvement, automatically scanning, learning, and adapting their next move, which enables continuous and scalable attacks.  

The result is that what once took days of manual reconnaissance can now be done in minutes. This has led to a new era of AI-assisted cyber-crime where threat actors can discover, prioritise, and target vulnerable assets within hours of exposure, outpacing traditional methods of defence. 

How to Stay Ahead: Attack Mitigation Service - External 

To counter AI-driven attacks, reduce the workload on internal security teams, and cut cyber risk organisations need to adopt a proactive and layered approach to protecting Internet-facing infrastructure. That’s where the Fortis Cyber® External Attack Mitigation Service (EAMS) comes in, simplifying vulnerability management, providing comprehensive detection and validation, and delivering assurance against external cyber threats using: 

• Regular Assessments: scheduled evaluations detecting and identifying risks across internet-facing assets and discovering vulnerabilities before threat actors do. 

• Simulated Attacks: replicating real-world threat scenarios at scale to reveal how resilient your defences are under realistic attack conditions. 

• Expert-Led Evaluation: experienced cyber security specialists perform in-depth analysis, validating findings and providing actionable recommendations. 

• Security Workshops for Zero-Day Resilience: helping organisations understand and mitigate emerging threats and build resilience against zero-day vulnerabilities. 

  
  

What This Means for Your Business 

AI has transformed the balance of power in cyber security, giving criminals the tools to rapidly launch scalable attacks. Organisations need to act pre-emptively to anticipate and counter these threats. 

By regularly assessing external attack surfaces, simulating real-world threats, and building resilience through expert-led guidance, organisations can be the first to find the gaps and vulnerabilities, rather than the last to know about them. 

Ready to Simplify Security and Reduce Risk?  

Our experts will work with you to understand your security requirements and recommend tailored solutions aligned to your business that will reduce risk and lighten your team’s workload. 

Start the conversation today at enquiries@fortiscyber.co.uk, our team will prioritise your request and help you secure your systems quickly. 

TIBER-EU (Threat Intelligence-Based Ethical Red Teaming) is a European-wide initiative designed to enhance cyber defences through collaborative testing. It offers detailed guidelines for authorities, organisations, threat intelligence providers, and red team testers to work together effectively. By conducting controlled cyberattacks, TIBER-EU helps identify vulnerabilities and strengthen an entity’s cyber resilience in a safe and structured manner.

Who is TIBER-EU for?

 It was developed to strengthen the cyber resilience of organisations that deliver critical services, especially within the financial sector. This includes those with cross-border operations that fall under the supervision of multiple regulatory bodies, as well as national and supranational authorities.

While originally intended for financial infrastructure providers, TIBER-EU is flexible enough to be applied across other vital sectors, making it a valuable tool for a broad range of critical entities.

The framework sets out a core set of mandatory requirements, along with optional elements that can be tailored to reflect the specific needs of different jurisdictions. By harmonising how threat-led red teaming is conducted across Europe, TIBER-EU helps simplify compliance and promotes mutual recognition between authorities while reducing administrative burden and increasing efficiency.

Importantly, the TIBER-EU framework can support both regulators and financial entities in complying with the requirements of the Digital Operational Resilience Act (DORA). For organisations preparing for DORA’s implementation, adopting TIBER-EU offers a structured and recognised approach to threat-led penetration testing.

How does it work?

TIBER-EU simulations closely replicate the tactics, techniques, and procedures used by actual cyber attackers, relying on tailored threat intelligence. These tests are customised to mimic attacks on the critical functions of an organisation, including its people, processes, and technology infrastructure. Importantly, the goal isn’t to pass or fail but to uncover the strengths and weaknesses of an organisation’s cyber defences. By focusing on the learning opportunities these simulations provide, TIBER-EU helps organisations improve their resilience and move toward a higher level of cyber maturity.

Come and talk to us about our services to support TIBER-EU.

AI technology is rapidly reshaping web applications, from customer support bots to intelligent fraud prevention systems. However, with this growth comes new and often overlooked security risks. Many businesses are integrating AI without fully addressing the unique vulnerabilities it introduces.

Common AI Weaknesses

☠️ Model Poisoning – Malicious users can manipulate machine learning models by feeding them crafted or misleading data, leading to faulty outputs.

👀 Information Exposure – Insecure AI responses may unintentionally reveal sensitive data or system information.

💥 Prompt Injection Attacks – AI systems based on Large Language Models (LLMs) are susceptible to specially designed prompts that manipulate system behaviour.

🔓 Insecure APIs – AI features are often exposed through APIs, making them prime targets for abuse, data exfiltration, and denial of service attacks.

💡 Bias and Trust Flaws – Models trained on skewed or incomplete data can make inaccurate or unsafe decisions, sometimes in ways that aren’t immediately obvious.

Key Takeaway

AI adds valuable capabilities to web applications but also expands the attack surface. Organisations must proactively identify and secure AI-specific vulnerabilities as part of their broader cybersecurity programme.

Interested in learning more about AI security? Visit www.fortiscyber.co.uk or contact us at enquiries@fortiscyber.co.uk.