Artificially Intelligent Cyberattacks


  • Erik Zouave
  • Tommy Gustafsson
  • Marc Bruce
  • Kajsa Colde

Publish date: 2020-03-30

Report number: FOI-R--4947--SE

Pages: 48

Written in: English

Research areas:

  • Informationssäkerhet


  • Artificial intelligence
  • cyberattacks
  • anatomy
  • automation
  • offensive cyber
  • malicous artificial intelligence


This report explores the possibilities and applications of artificial intelligence (AI) within the various stages of a cyberattack. It is a literature review of the current state of the art in AI application within the cyber domain, with specific focus on research from the antagonist perspective and technology that can be used both defensively and offensively. The five stages referred to in this report include reconnaissance, access and penetration, internal reconnaissance and lateral movements, command, control and exfiltration and sanitation. Within the report, 19 use cases for AI were found. The antagonistic use cases demonstrate AI versus human technology user and AI versus technology scenarios, with the latter including dimensions of an AI-supported attacker versus AI-supported defender arms race. The found use cases demonstrate that there is a higher technology readiness level at early phases of the cyberattack. Moreover, the sources reviewed imply that some AI-supported cyberattacks can already be observed in the wild. The report also identifies four strategic capabilities that antagonists may achieve through the malicious use of AI in cyberattacks; namely aggregation, repetition, deception, and manipulation.