State actors and criminal enterprises are using deepfakes, autonomous malware, and AI-generated exploits to overwhelm corporate defenses, with average breach costs hitting $7.2 million, new study finds.
DUBAI/LONDON — The rapid weaponisation of artificial intelligence amid the ongoing US-Israel-Iran conflict has triggered a 340% surge in AI-fueled cyber breaches over the past six months, overwhelming traditional corporate defenses and driving financial losses to historic extremes, according to cybersecurity analysts and a new digital forensic study.
Both nation-state actors and criminal enterprises have accelerated their use of AI since the onset of the Iran war on February 28, designing cyberattacks aimed at business disruption, chaos, psychological impact, and financial gain, experts told Khaleej Times.
Large multinational organizations are now absorbing an average loss of $7.2 million per breach — a 48% increase in just 18 months — while AI-enabled intrusions remain undetected for a median of 387 days, according to a study by UAE-based Rayad Group.
Global breach costs in 2025 have already surpassed $52 billion, with projections indicating losses could climb to $78 billion this year — a figure likely to rise further given the ongoing Middle East conflict.
“We’re witnessing attack sophistication that would have seemed like science fiction 24 months ago,” said cybersecurity expert Rayad Kamal Ayub. “Deepfake authentication, AI-generated zero-day exploits, autonomous malware that evolves in real-time — these aren’t theoretical threats anymore. They’re happening daily, and frankly, most organizations are completely unprepared.”
He added: “The Iran conflict didn’t just trigger a wave of state-sponsored attacks — it catalysed the wholesale weaponisation of AI by both nation-state actors and criminal enterprises.”
Notorious cyberattacks in the past six months
March 2026: DarkSword campaign – This highly adaptive AI-driven intrusion targeted enterprise Windows environments and iOS mobile fleets, marking one of the first large-scale cross-platform AI attacks. More than 62,000 endpoints across North America and Europe were compromised, with cumulative enterprise losses exceeding $1 billion.
February 2026: $847 million energy infrastructure attack – State-linked actors used flawless AI deepfakes to impersonate regulatory authorities, compromising operational technology across 47 facilities in Germany, France, and the Netherlands. The attack left 14 million people without power for up to 72 hours.
January 2026: $438 million healthcare breach – UnitedHealth Group revealed the largest healthcare data breach on record, exposing the personal information of 89 million patients. The intrusion leveraged AI-enhanced credential stuffing and remained undetected for 92 days.
December 2025: Deepfake voice fraud – JPMorgan Chase disclosed $267 million in unauthorized trades after attackers bypassed phone-based verification using sophisticated AI voice synthesis.
November 2025: Pharmaceutical IP heist – The “PharmaSiphon” malware operated silently for 127 days, using machine learning to extract only the most commercially valuable assets.
What must be done
Cybersecurity analysts warn that legacy security architectures have catastrophically failed. Organizations still relying on perimeter defenses, signature-based detection, and compliance checklists are operating under a dangerous illusion of protection.
“The security architecture that protected you 18 months ago is now completely obsolete,” Ayub said. “Organizations clinging to traditional security models are sitting ducks. The message is unambiguous: Immediately implement zero-trust architecture, AI-powered behavioral analytics, and continuous identity verification. In the age of AI, catastrophic breach is not a question of if, but when.”
