Artificial intelligence and emerging cyber threats: A comprehensive analysis of Ai-driven cybercrime in the digital age
DOI:
https://doi.org/10.29070/qqxt1475Keywords:
artificial intelligence, cybercrime, deepfakes, adversarial machine learning, ransomware, social engineering, AI governance, cybersecurity policyAbstract
The convergence of artificial intelligence (AI) and cybercrime constitutes one of the most consequential security challenges of the twenty-first century. This article provides a comprehensive interdisciplinary analysis of how AI technologies are being operationalised across the full spectrum of cybercriminal activity, encompassing AI-augmented phishing and social engineering, deepfake-enabled financial fraud and political disinformation, autonomous and polymorphic malware, and adversarial attacks targeting AI systems themselves. Drawing on recent empirical research, documented incident cases, and policy developments across multiple jurisdictions, the analysis identifies critical technical and socio-legal gaps in current cybersecurity defences. It further evaluates how AI can be harnessed as a defensive instrument and examines the emerging regulatory landscape, including the EU AI Act (2024), the UK Online Safety Act (2023), and proposed legislative reforms in India. The article concludes with prioritised recommendations for policymakers, the cybersecurity industry, and the research community, arguing that effective governance of AI-enabled cybercrime demands urgent, internationally coordinated action. The analysis contributes to the nascent interdisciplinary field of AI security studies and identifies three empirical research gaps warranting systematic investigation.
Downloads
References
1. Anderson, H. S., Kharkar, A., Filar, B., Evans, D., & Roth, P. (2023). Learning to evade static PE machine learning malware models via reinforcement learning. MIT Lincoln Laboratory Technical Report.
2. Brundage, M., Avin, S., Clark, J., Toner, H., Eckersley, P., Garfinkel, B., & Amodei, D. (2018). The malicious use of artificial intelligence: Forecasting, prevention, and mitigation. arXiv preprint arXiv:1802.07228.
3. Council of Europe. (2001). Convention on Cybercrime (Budapest Convention). European Treaty Series No. 185.
4. Cybersecurity Ventures. (2023). Cybercrime to cost the world $8 trillion in 2023. Cybercrime Magazine. Retrieved from https://cybersecurityventures.com
5. European Union. (2024). Regulation (EU) 2024/1689 of the European Parliament and of the Council on Artificial Intelligence (AI Act). Official Journal of the European Union, L 2024/1689.
6. Europol. (2024). The criminal use of artificial intelligence: A Europol spotlight report. European Union Agency for Law Enforcement Cooperation.
7. Hazell, J. (2023). Large language models can be used to effectively scale spear phishing campaigns (arXiv:2305.06972). University of Oxford.
8. Hong Kong Police Force. (2024, February). Multi-million dollar deepfake fraud case – Media briefing. Commercial Crime Bureau.
9. Krebs on Security. (2023). Voice deepfake used to defraud CEO of USD 243,000. Retrieved from https://krebsonsecurity.com
10. Mandiant Threat Intelligence. (2024). LockBit 4.0 technical analysis: AI-augmented ransomware capabilities. Google Cloud Mandiant.
11. Ministry of Electronics and Information Technology (MeitY). (2024). Digital India Act: Draft provisions on AI-generated content and platform accountability. Government of India.
12. Stanford Internet Observatory. (2024). Synthesis and deception: AI-generated media in global electoral disinformation campaigns 2023–2024. Stanford University.
13. United Kingdom. (2023). Online Safety Act 2023. His Majesty's Stationery Office.
14. Verizon. (2024). 2024 Data Breach Investigations Report. Verizon Business.
This work is licensed under a 