The Use of Artificial Intelligence in Cyberattacks, Part 2
Phases 1–4 of the Cyber Kill Chain Model
Copyright (c) 2026 Kovács Zoltán

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Abstract
The first part of this series of articles provided an overview of artificial intelligence (AI) and its various subfields (e.g. machine learning, generative AI), and showed that the Cyber Kill Chain (CKC) model, despite all its limitations, is suitable for the goal of this series: demonstrating how attackers can use AI in cyberattacks. Developing adequate cyber defence against AI-assisted cyberattacks requires knowing what AI-assisted tools attackers can use in each phase of the attack. This article focuses on the first four phases of the CKC model (reconnaissance, weaponization, delivery and exploitation) and examines where and how attackers are already using artificial intelligence in these phases to achieve their goals, and how this helps them.