AI speeds cyberattacks, shrinking lateral movement to minutes

AI and automation are dramatically accelerating the speed and scale of cyberattacks, reshaping the threat landscape for organizations worldwide, according to Cybersecurity Dive.

ReliaQuest's report found that lateral movement across victim networks can now occur in as little as four minutes, an 85% drop from the fastest-observed lateral move in 2024, while the average time fell from 48 minutes to 34 minutes. Data exfiltration has also accelerated, with the fastest incidents taking just six minutes versus over four hours last year. AI and automation underpin these changes, with 80% of ransomware groups leveraging one or both technologies to steal data.

The BoaLoader malware exemplifies this trend, reflecting "the first major convergence of AI-assisted development, social engineering, and traditional cybercrime," appearing in one-fifth of incidents in 2025. Experts warn that while AI offers defensive potential, attackers benefit from operational flexibility, speed, and fewer constraints. Mike McPherson of ReliaQuest urged businesses to adopt AI-based defenses to keep pace with evolving threats.