Yes, Attackers Have AI Now. No, You Don't Need to Panic — Here's Why

A client who runs a 20-person accounting firm in Nashua called us in March with a question he’d clearly been chewing on for a while. He’d just read a headline about a hacker using AI to run an entire attack campaign by himself, and he wanted to know one thing: “Do we need to throw out everything we just bought and start over?”

No. You don’t.

That’s the honest answer, and it’s the one most of the security industry won’t give you right now, because there’s money in scaring you. The reality is more boring and more useful: attackers having AI is a real shift, it makes them faster and cheaper and harder to spot, and the things that stop them are almost exactly the same things that stopped them last year. The fundamentals didn’t change. The marketing did.

Let me explain what actually happened, what it means for a small business in New Hampshire or Massachusetts, and what you should — and shouldn’t — do about it.

The incident everyone’s referencing

The story your accountant read is real, and it’s worth understanding because it’s the clearest example we have of where this is going.

In mid-2025, a single individual used an agentic AI tool — one that can plan and execute multi-step tasks on its own, not just answer questions — to run an extortion campaign against roughly 17 organizations. The AI did the heavy lifting at nearly every stage. It helped write the malicious code. It organized the stolen files once they were exfiltrated. It analyzed the victims’ financial records to figure out how much each one could realistically pay, then calibrated the ransom demands accordingly. It even drafted the extortion emails.

One person. Seventeen targets. Work that used to require a small team with a mix of specialized skills.

That’s the part that matters. Not that AI invented a new kind of attack — it didn’t. The attack itself (break in, steal data, demand money) is the same playbook criminals have run for a decade. What changed is that one person with modest skills could now operate at the scale and polish of a much larger, more experienced crew.

What AI actually does for an attacker

Strip away the hype and AI gives criminals four concrete advantages. None of them are magic. All of them are about doing old things better.

Speed. Reconnaissance that used to take a skilled attacker days — mapping your network, identifying which software versions you’re running, matching them to known vulnerabilities — can now happen in a fraction of the time. The AI doesn’t get tired, doesn’t get distracted, and doesn’t need to sleep.

Scale. A human phishing operator can write maybe a few dozen convincing, personalized emails in a day. An AI can write thousands, each one tailored to the specific recipient using details scraped from LinkedIn, your company website, and past data breaches. The “spray and pray” mass phishing of five years ago is being replaced by mass personalized phishing.

Polish. This is the one that hits small businesses hardest. The classic advice — “watch for spelling mistakes and weird grammar” — is dead. AI-generated phishing emails are clean. They match your industry’s vocabulary. They reference real projects and real people. The tell that used to give scams away is gone, because the tool that wrote the email writes better English than most of the people in your office.

Lowered skill barrier. You used to need real technical chops to write functional malware or chain together an attack. Now a motivated amateur can ask an AI to do a lot of that work. This is the genuinely new part: the number of people capable of running a credible attack just went up, a lot.

So yes — more attackers, moving faster, with more convincing lures, at larger scale. That’s the threat, stated plainly and without the doom soundtrack.

Here’s the part the fear-sellers skip

Now the reassuring part, and it’s not spin.

Every one of those AI-powered attacks still has to get in somewhere. And the doors they come through are the same doors they’ve always come through:

• A stolen or reused password with no second factor behind it
• An unpatched server or workstation running software with a known hole
• An employee who clicks a link and types their credentials into a fake login page
• A backup that turned out to be incomplete, out of date, or sitting on the same network the ransomware just encrypted

AI makes the knock on those doors faster and more convincing. It does not pick a lock you’ve already deadbolted. A phishing email written by the world’s best AI still fails if the employee has phishing-resistant multifactor authentication and the stolen password is therefore useless. AI-accelerated reconnaissance that finds an unpatched vulnerability finds nothing if you patched it last Tuesday.

Compromised credentials were involved in roughly 42% of breaches last year, and credential reuse is on track to account for nearly half of successful small-business breaches. That’s not an AI problem. That’s a password-and-MFA problem — and we’ve known how to solve it for years.

This is why we don’t panic when a client asks about AI attacks. The attack surface didn’t grow. The attackers just got more efficient at probing the surface that was already there.

What hasn’t changed: the defenses that work

If you do these well, you are in good shape against an AI-assisted attacker for the same reason you were in good shape against a human one. None of this is exotic. That’s the point.

Phishing-resistant multifactor authentication

If there’s one thing to take from this entire article, it’s this. The single highest-value control against AI-supercharged phishing is MFA — and specifically the phishing-resistant kind (hardware keys or passkeys, not SMS codes you can be tricked into reading aloud). When the password gets stolen — and with AI-quality phishing, assume it eventually will — MFA is the wall the attacker hits. It’s cheap. It’s available. Most small businesses still haven’t fully deployed it.

Patching, on a real schedule

Most successful intrusions exploit vulnerabilities that had a patch available — sometimes for months. AI just finds the unpatched ones faster. A disciplined software updates and patch management routine closes that window before the automated scanners get to it. Boring. Effective. Non-negotiable.

Backups that actually survive an attack

Ransomware crews stopped relying on encryption alone. The modern move is double extortion: they steal your data first, then encrypt it, then threaten to leak it publicly whether or not you pay. That means two things. First, your backups need to be offline or immutable so the attacker can’t encrypt them too — and they need to be tested, because an untested backup is a hope, not a plan. Second, backups alone no longer save you from the leak half of the threat, which is exactly why the other controls on this list matter. Solid cloud backup solutions handle the recovery side; they don’t excuse you from prevention.

Monitoring and detection

You cannot respond to what you cannot see. AI-accelerated attacks move fast, which makes the gap between “they got in” and “you noticed” the whole ballgame. Continuous remote monitoring and management with real alerting — and a human who actually looks at the alerts — is how a contained incident stays contained instead of becoming a closure notice. Sixty percent of small businesses that suffer a serious breach are gone within six months. Detection speed is the difference.

Least privilege and email filtering

Not everyone needs admin rights. Not every account needs access to every file share. When an attacker does get a foothold, least-privilege access decides whether they land in one cabinet or the whole building. And modern email filtering catches a large share of phishing before a human ever has to make a judgment call — which matters more than ever now that the “obvious tells” are gone.

Training, but the honest version

Security awareness training still helps, but let’s be realistic about it: you cannot train your way out of AI-generated phishing that’s genuinely indistinguishable from a real email. Train people to slow down on anything involving money, credentials, or urgency — and then build the technical controls (MFA, filtering, least privilege) that catch the clicks training will inevitably miss. Anyone selling training as your primary defense is selling you a false sense of security.

We use AI on the defensive side too — and we still pay humans

Fair question: if attackers are using AI, shouldn’t your defenders be? We are. We use AI tooling to help triage alerts, scan our own and clients’ networks for exposures, and sift through the volume of logs no human could read in a day. It’s genuinely useful for the same reasons it’s useful to attackers — speed and scale.

But here’s where we part ways with the vendors selling “AI-powered security” as a silver bullet: the AI doesn’t make the final call. It hallucinates. It misses business-logic problems a human would catch in a second — like the fact that the “low-severity” finding on your billing server is actually a five-alarm fire because that’s where your client payment data lives. AI is a force multiplier for a competent human. It is not a replacement for one, and any product that pitches it as one is hoping you don’t know the difference.

That’s the same reason we still recommend a real human penetration test once a year even though we can run AI-assisted scans continuously. Different tools, different jobs.

What you should NOT do

Because this is the part where small businesses get hurt — not by the attackers, by the panic response.

Don’t rip out what’s working to buy a shiny “AI security platform.” Vendors are slapping “AI” on everything right now and charging a premium for it. If your fundamentals aren’t solid, no amount of AI tooling fixes that — you’ve just bought an expensive layer on top of a weak foundation. If your fundamentals are solid, you probably don’t need the shiny thing. Spend the money on MFA rollout and patching discipline first.

Don’t let anyone scare you into a stack of overlapping tools you can’t manage. We’ve walked into plenty of NH and MA businesses paying for six security products that overlap, half-configured, with nobody watching the dashboards. More tools is not more security. It’s more attack surface and more bills. Right-sized and well-run beats expensive and ignored every time.

Don’t assume you’re too small to matter. The opposite is true. AI made it economically viable to attack small targets at scale, because the cost of running the attack dropped to near zero. “We’re too small for anyone to bother” was never a great strategy. Now it’s actively wrong.

The bottom line for NH and MA businesses

Attackers having AI is a real change, and we’re not going to pretend otherwise. But it’s a change in efficiency, not in fundamentals. The criminals got a better engine. The doors they’re trying to come through are the same ones, and the locks that work still work.

If you’ve got phishing-resistant MFA everywhere, a real patching schedule, tested offline backups, monitoring with a human watching it, and least-privilege access, you are defending against an AI-assisted attacker about as well as you can — and far better than most. If you’re missing pieces of that, that’s where to spend your attention and budget. Not on the panic-buy. On the foundation.

The businesses that get hurt over the next year won’t be the ones that failed to buy the latest AI defense product. They’ll be the ones that never finished deploying MFA because it was on the to-do list.

Not sure where your foundation actually stands? That’s exactly what our free cybersecurity audit is for. We’ll look at what you’ve got, tell you honestly what’s solid and what’s a gap, and we won’t try to scare you into anything you don’t need. No AI sales pitch. Just a straight answer about whether your locks are deadbolted.