AI-powered tools advance RaaS operations

Most ransomware-as-a-service operations have already tapped artificial intelligence-powered tools to hasten attacks, with breakout times declining from 48 minutes last year to only 18 minutes during the first half of 2025, Cybersecurity Dive reports.

AI-based automation has also enabled certain groups to gain notoriety within the threat landscape, with The Gentlemen hacking collective noted to have compromised over 30 organizations during the first month of its operations with advanced tools, according to a report from ReliaQuest.

Such tools have also allowed DragonForce to increase its victim count by twofold between 2024 and 2025. Despite the growing adoption of AI among RaaS, only 50% have provided their affiliates with AI-powered capabilities, the study showed.

"Fewer than half of the RaaS groups analyzed can provide the complete trifecta of capabilities needed to attract the elite talent that is most likely to compromise heavily defended organizations and secure large extortion payments," said ReliaQuest researchers.