The RSA Conference in 2026 underscored a crucial shift in cybersecurity, revealing that the integration of artificial intelligence (AI) is significantly accelerating the speed of cyberattacks. Cybercriminals, including nation-states and organized groups, are increasingly utilizing AI to refine their attack methodologies, enhancing the efficiency of various stages in the attack lifecycle.
While the core objectives, such as financial gain and credential theft, remain unchanged, the sophistication of tactics has notably improved. For instance, the click-through rate for phishing emails has risen to 54%, marking a remarkable 450% increase due to AI's ability to customize content for specific targets. The United States now represents nearly 25% of all cyberattack activities, with other countries like the United Kingdom, Israel, and Germany also heavily affected.
Experts highlighted Tycoon2FA, an advanced platform operated by the Storm-1747 group, as a prime example of modern cybercrime. This service, unlike traditional phishing kits, generated millions of phishing emails monthly and was linked to around 100,000 compromised organizations. At its peak, it accounted for approximately 62% of all phishing attempts blocked by Microsoft, showcasing the operational evolution of cyber threats driven by AI.