AI as a game changer and threat accelerator

Artificial intelligence (AI) is currently revolutionising almost every sector – especially cybersecurity. It enables automated threat detection in real time and supports security teams. But the same technology also helps attackers:

hackers use AI for social engineering, deepfakes and automated malware. This creates a duel in which technology alone is no longer the deciding factor, but rather humans – with their judgement and situational awareness – play a central role.

Social engineering on a new level

Deepfakes of superiors, accurate phishing emails and generated audio messages present employees with extreme challenges. According to the Arctic Wolf Trends Report 2025, over 35% of companies surveyed were affected by at least one significant BEC incident last year¹. This alarming figure shows how often human weaknesses are exploited in a targeted manner – and how much awareness and intuitive responses are needed.

Automation, ransomware and AI in the background

AI-supported groups use cloud infrastructures and cryptocurrencies to launch large-scale attacks in a matter of minutes. ‘Double extortion’ techniques – in which data is encrypted and stolen content is published in parallel – are becoming increasingly important and are often automated using AI tools.

Tools such as RansomHub and Akira are at the forefront of this development. According to SOCRadar 2025, the retail (14.7%), finance (12%) and manufacturing (18%) sectors are particularly affected². The technological lead of the attackers is growing continuously³ ⁴ ⁵.

Germany: Cyber attacks are rising sharply

Recent reports confirm a dramatic increase: According to Check Point, Germany recorded a 55% increase in cyber attacks in the first quarter of 2025, compared to a global average of 47%. Ransomware attacks rose by as much as 126%. The education sector was particularly affected, with over 4,400 attacks per organisation per week (+73%), followed by public administration (+51%) and telecommunications (+94%)⁶. Overall, the German economy suffered losses of around €179 billion in 2024⁷.

Europe: Looming reality, regulatory movement

Between January and April 2025, Europe saw a sharp increase in AI-driven fraud and ransomware attacks on critical infrastructure such as healthcare, telecommunications and administration. Groups such as Scattered Spider and RansomHouse are exacerbating the situation⁸. At the same time, the EU is tightening its framework: With the Cyber Resilience Act (CRA) and DORA, mandatory security standards for digital products and financial service providers will apply in future. In addition, the EU is currently drafting the Cyber Solidarity Act, which strengthens capacities for cross-border responses to cyber attacks.

Skills shortage and resilience gaps

The shortage of skilled workers remains a key weakness. There is a global shortage of over three million qualified cybersecurity professionals. Companies in North America and Europe also appear to be inadequately prepared for future challenges such as post-quantum cryptography: according to Keyfactor, 48% of organisations have no plans to adapt to quantum threats; among medium-sized companies, this figure rises to 56%.

Human factors at the core of defence

In this dynamic environment, people remain crucial. A security culture that is lived and breathed – consisting of awareness, a willingness to report incidents and structured processes – can complement technology, but it cannot replace it. Organisations need effective training and a culture of trust to undermine attackers in the long term.

External support: managed security services

For many companies – especially medium-sized ones – external security services are essential. Providers such as Arctic Wolf offer round-the-clock monitoring, threat hunting and incident response. Combined with human expertise, this enables a level of security that automated systems alone cannot guarantee.

People remain indispensable

AI is fundamentally changing cybersecurity. It speeds up responses and automates detection, but it does not replace human responsibility. Real protection comes from the interplay of technology, organisational resilience and human vigilance. Only when both components are strengthened equally can cybersecurity survive in the age of AI.

Footnotes

1. Arctic Wolf, Trends Report 2025, report on BEC incidents.
2. SOCRadar® Cyber Intelligence Inc., ‘Germany Threat Landscape Report 2025’, https://socradar.io/resources/country-reports/germany-threat-landscape-report-2025/
3. Tom’s Hardware, “The era of AI hacking has arrived”, 2025, https://www.tomshardware.com/tech-industry/cyber-security/report-claims-the-era-of-ai-hacking-has-arrived-good-and-bad-actors-leveraging-ai-in-cybersecurity-arms-race
4. Schwarz Digits, Cyber Security Report 2025, https://schwarz-digits.de/en/publications/cyber-security-report
5. TechRadar Pro, ‘Infosecurity Europe 2025 – 92% see increase, 52% AI attacks’, https://www.techradar.com/pro/live/infosec-europe-2025-were-live-at-the-show-and-heres-everything-weve-seen
6. Check Point via B2B Cyber Security, ‘55% more cyber attacks in Germany’, 26 May 2025, https://b2b-cyber-security.de/en/55-prozent-mehr-cyber-angriffe-in-deutschland/
7. Schwarz Digits, Cyber Security Report 2025, damage in 2024: approx. €179 billion, https://schwarz-digits.de/en/publications/cyber-security-report
8. Foresiet, ‘Europe Cybersecurity Report – Q1 2025’, https://foresiet.com/resources/cybersecurity-threat-reports/europe-cybersecurity-report-q1-2025/
9. European Union, Cyber Resilience Act (EU Regulation 2024/2847), https://en.wikipedia.org/wiki/Cyber_Resilience_Act
10. European Union, Digital Operational Resilience Act (DORA, EU Regulation 2022/2554), https://en.wikipedia.org/wiki/Cyber-security_regulation
11. European Union, Cyber Solidarity Act, https://en.wikipedia.org/wiki/Cyber_Solidarity_Act
12. Arxiv, ‘Global Cybersecurity Workforce Gap 2022–2025’, https://arxiv.org/abs/2204.13793
13. ITPro, ‘Nearly half of enterprises aren’t prepared for quantum cybersecurity threats’, 2025, https://www.itpro.com/security/nearly-half-of-enterprises-arent-prepared-for-quantum-cybersecurity-threats