
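The tech world is buzzing about the business potential of AI “agents” that can carry out tasks autonomously. But for the security practitioners responsible for protecting enterprises from cybercrime, the influx of these AI tools means they must deal with a difficult new adversary.
Security experts rank these “agentic” AI tools, which can solve problems autonomously over multiple steps, among the biggest threats of 2025. Although AI-powered hacking based on generative tools such as OpenAI’s GPT models has not yet become as rampant as people feared, AI agents are giving cybercriminals a powerful arsenal upgrade, turning the tool from a basic assistant into a tireless, “active and eager accomplice.”
The worry is that, at a time when existing security teams are already struggling to keep up, these new AI agents could hit cybersecurity defenders and businesses hard.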
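Mark Stockley, technology evangelist at the cybersecurity firm Malwarebytes, said: “The risk posed by agentic cyber attackers is that ‘big’ cyberattacks could become routine operations, overwhelming security teams.” Such attacks typically go after high-value targets holding tens of millions or even hundreds of millions of dollars.
Stockley noted that AI agents “could greatly expand the scale of big ransomware attacks, freeing cybercriminals from their current technical bottlenecks.”
Meanwhile, the latest research from Google’s Threat Analysis Group shows that profit-driven hackers and state actors trying to conceal malicious activity are collaborating more closely. As the criminal ecosystem grows more resilient to law enforcement action, it is becoming increasingly difficult for the United States and its allies to use disruptive measures; in today’s cybercrime black market, hackers come and go as if through a revolving door.
Sandra Joyce, vice president of Google Threat Intelligence, said in a statement: “The core marketplace of the cybercrime ecosystem makes every participant easy to replace, and the whole system is resilient to disruption. Regrettably, many of our actions have only caused criminals temporary trouble, but we must not let our guard down and must redouble our efforts to land meaningful blows.”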
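Faster iteration, higher risk
Experts warn that, as OpenAI put it in a February 2024 report, the era in which current AI models offer “only limited incremental capabilities for malicious cybersecurity tasks” is coming to an end. More seriously, the spread of AI coding tools will lead to a surge in poor-quality code, and the vulnerabilities available to hackers and their AI agents will surge with it.
Jeff Williams, co-founder and chief technology officer of the software security firm Contrast Security, said: “Unfortunately, all the models were trained on code that contains vulnerabilities, so the code they generate will inevitably inherit those flaws. That means the more code, the more vulnerabilities, and the faster the iteration, the greater the risk users face.”
Stockley of Malwarebytes pointed out that the natural bottleneck on ransomware attacks lies in the balance between the number of highly skilled hackers and the size of the pool of defensive experts. But as AI agents proliferate, that balance could be upset.
Take phishing emails as an example: to reach wary users who have already seen through low-grade scams such as the “Nigerian prince,” hackers use text generation tools to design more convincing scams. Generative AI tools can easily expand the scale of such attacks and make them more believable, but that is all they can do for a would-be hacker, and turning a malicious click into sustained income remains a hard problem. AI agents, by contrast, could guide would-be hackers on what to do next after a successful hit.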
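Stockley said: “In the short term, enterprises need to use automation to keep their attack surface as small as possible, so that security teams can focus on high-impact, high-value work.” He said that, to cope with threats of ever-growing scale, the future direction of enterprise defense should be investment in cybersecurity-specific AI agents.
The Malwarebytes report warns that well-funded ransomware gangs could use AI agents to attack multiple targets at the same time. In 2024, even though large criminal groups such as LockBit and ALPHV were hit by more law enforcement action, the increase in the number of known attacks still reached a record high.
Google’s latest report shows that, as more countries seek to buy cyber tools and capabilities from hackers, the scale of attacks may grow further.
The report states: “The enormous volume of profit-driven cyber intrusions occurring every day has a cumulative effect, not only weakening national economic competitiveness but also overwhelming defenders, leading to reduced readiness and burnout.”
Behind a seemingly ordinary ransomware attack there may be state-backed hackers, who have far more resources and patience than ordinary hackers, and the level of threat to the enterprise rises exponentially.
Enterprises are often at a disadvantage against state-backed hackers, but they can protect themselves through basic security measures such as upgrading legacy systems, which are the most likely to become the first target of ransomware gangs and state hackers. (Fortune China)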
Translator: Liu Jinlong
Reviewer: Wang Hao
The tech industry is abuzz over the business potential of AI “agents,” which can execute tasks on their own. For those tasked with protecting organizations against cybercriminals, however, the influx of AI agents will mean preparing for a challenging new adversary.
Security experts now view “agentic” AI tools that engage in multi-step problem solving and act on them autonomously as one of 2025’s biggest threats. And while the explosion of AI-enabled hacks powered by generative tools like OpenAI’s GPT models may not have been as bad as some feared, AI agents present cybercriminals with a powerful new upgrade to their arsenal, changing the tool from a basic assistant to an active and eager co-worker that never needs to sleep.
The concern is that these new AI agents could overwhelm cybersecurity defenders and businesses alike at a time when the workforce is struggling to keep up.
“The risk of agentic attackers is that it could make ‘big game’ attacks an everyday norm, overwhelming security teams,” said Mark Stockley, cybersecurity evangelist at the cyber firm Malwarebytes. Big game attacks typically go after high-profile targets with millions or billions in company coffers.
Stockley said that AI agents “could scale up big game ransomware attacks enormously, freeing cybercriminals from the scaling problems that currently hold them back.”
At the same time, new research from Google’s Threat Analysis Group is showing tighter collaborations between criminal hackers looking for financial gain and nation-states seeking to hide malicious activity. The U.S. and international allies face increasing difficulty using disruptive methods as the criminal ecosystem becomes more resilient against law enforcement activities; malicious hackers are quick to replace and be replaced in today’s criminal underworld.
“The marketplace at the center of the cybercrime ecosystem has made every actor easily replaceable and the whole problem resilient to disruption. Unfortunately, many of our actions have amounted to temporary inconveniences for these criminals, but we can’t treat this like a nuisance and we will have to work harder to make meaningful impacts,” Sandra Joyce, vice president of Google Threat Intelligence, said in a statement.
More velocity, more risk
Experts warn that the time is drawing to a close when current AI models amount to “limited incremental capabilities for malicious cybersecurity tasks,” as OpenAI noted in a February 2024 report. What’s more, the increase of AI tools for software development will inevitably result in an increase in bad code, and as a result, more vulnerabilities will be available for hackers and their AI agents to abuse.
“Unfortunately, all the models were trained on code that has vulnerabilities, so the generated code will too. That means more code, more vulnerabilities, more velocity, and more risk for consumers,” said Jeff Williams, co-founder and chief technology officer at the software security firm Contrast Security.
Stockley, of Malwarebytes, points out that one of the natural bottlenecks on ransomware attacks has long been the number of skilled hackers plying their trade, versus the skilled security professionals working to stop them. That balance could be upset as AI agents proliferate.
Take email phishing as an example: hackers use text generation tools to create realistic lures for victims who have become wise to lower-quality scams such as the fake Nigerian prince. Generative AI tools are an easy way to increase the scale and believability of those types of attacks — but that can only get a would-be hacker so far, since learning how to turn a malicious click into steady income is a challenge not as easily solved. Agents could be the next step to advising those would-be hackers on what to do after successfully tricking a victim.
“In the short term, organizations will need to turn to automation to ensure their attack surface is always as small as possible, and that security teams are free to focus on high impact, high value work,” said Stockley. Future goals for a business looking to keep up with the scale of threats would be to invest in cybersecurity-focused AI agents to further scale up defensive efforts, he said.
Malwarebytes’ report warns that well-funded ransomware gangs could use agents to attack multiple targets at the same time. Already, 2024 saw the biggest increase of known attacks even as some of the largest players like LockBit and ALPHV saw increased disruptions from law enforcement.
The scale of attacks is further expected to be exacerbated by the increase of states looking to purchase cyber tools and capabilities from criminal hackers, according to Google’s latest report.
“The enormous volume of financially motivated intrusions occurring every day also has a cumulative impact, hurting national economic competitiveness and placing huge strain on cyber defenders, leading to decreased readiness and burnout,” said Google’s report.
A cyberattack that appears to be a run-of-the-mill ransomware extortion could actually be the work of state-backed hackers with far more resources and patience than your typical hacker, raising the threat to a business exponentially.
Businesses looking to protect themselves against state-backed hackers are often far outmatched, but can protect themselves by taking some basic security steps to modernize legacy systems, which are often an easy first target for ransomware gangs and state-backed hackers alike.