Anthropic analyzed 832 accounts: traditional protection fails to handle AI attacks

Anthropic conducted a large-scale investigation of 832 malicious accounts and discovered an alarming trend: cybercriminals are increasingly integrating artificial intelligence into their attacks, creating new combinations of tactics that traditional defense is simply unprepared for.

How researchers studied threats

Anthropic scientists analyzed the activity of 832 malicious accounts and correlated the observed patterns with MITRE ATT&CK — a foundational database of tactics and techniques used by cybercriminals and nation-state groups worldwide. MITRE ATT&CK is a long-awaited, industry-respected cybersecurity standard that forms the foundation for building defenses, assessing risk, and planning incident response in large organizations. The research made it possible to identify deep patterns: which AI-powered attack methods are becoming most common, how they evolve faster than classical threats, and most importantly — where existing defensive mechanisms show the greatest gaps and vulnerabilities.

What they found: main discoveries

The results are both striking and alarming. Cybercriminals are already systematically adapting their methods, going far beyond traditional patterns that classical signature-based defense or simple filtering rules can intercept. AI-enhanced attacks use entirely new combinations of known tactics and generate new ones:

• Weakly or not at all reflected in classical defense databases (BDD)
• Evolve three to four times faster than traditional security can update
• Mask their true intent as legitimate user activity
• Leverage language models for social engineering, targeted phishing, and manipulation
• Automate reconnaissance, scanning, and vulnerability exploitation at industrial scale

Critically: AI allows attackers not just to repeat the same attacks, but to dynamically generate new variants in real time, bypassing existing detectors. This is a fundamentally new level of threat that the industry has never faced at this scale before.

Why defense is falling behind

Traditional signatures and detection rules were created for an adversary whose behavior is more or less predictable and repeatable. But when the adversary can generate new attack variants in real time and actively adapt to countermeasures — classical security systems simply cannot keep up. It's like playing chess with an opponent who rewrites the rules during the game. Defense is falling behind not because someone made a design error, but because AI gives attackers an enormous asymmetric advantage: the speed of method evolution, the scale of operations, and the ability to self-adapt without human intervention.

"The techniques we have relied on for many years are no longer sufficient in the age of AI," conclude

Anthropic researchers.

New requirements for defense

Anthropic clearly points the way forward: a purely traditional approach is no longer sufficient. Fundamentally new strategies are required: behavioral analytics, real-time contextual defense, automated adaptation of detection systems, ML-based predictive threat models, anomaly analysis, and risk management with feedback loops. Companies must prepare for defense to become more active, predictive, and adaptive, not merely reactive. The era of passive defense, when you simply block already-known threats, is ending. A transition to flexible, intelligent strategies that evolve themselves along with new threats is required. Essentially, defense must learn and develop like AI, otherwise it will always be behind.

What this means for business

For IT teams and businesses, the results of Anthropic's research are a serious signal for a complete reassessment of all security strategies and investments. The old, time-tested techniques are no longer sufficient against the new generation of AI-enhanced threats. Urgent investment is required in modern tools, deep behavioral analytics, correction of response processes, and quite likely the development of proprietary AI models for defense. Otherwise, the gap between attack and defense capabilities will steadily widen.