The Use of Artificial Intelligence in Cyberattacks, Part 2

Phases 1–4 of the Cyber Kill Chain Model

doi: 10.32567/hm.2025.4.4

Abstract

The first part of this series provided an overview of artificial intelligence (AI) and its various subfields (e.g. machine learning and generative AI) and showed that the Cyber Kill Chain (CKC) model, despite all its limitations, is suitable for the goal of the series: demonstrating how attackers can use AI in cyberattacks. Developing adequate cyber defence against AI-assisted cyberattacks requires knowing which AI-assisted tools attackers can use in each phase of an attack. This article focuses on the first four phases of the CKC model (reconnaissance, weaponization, delivery and exploitation) and examines where and how attackers are already using AI in these phases to achieve their goals, and how this helps them.

Keywords:

artificial intelligence, cybersecurity, cyberattack, Cyber Kill Chain, OSINT, exploit, evasion, phishing, malware
