Unit 42 Warns: Agentic AI Accelerates Cyberattacks 100x

Palo Alto Networks’ Unit 42 has developed and tested a groundbreaking Agentic AI Attack Framework, revealing just how dramatically artificial intelligence can accelerate cyber threats. According to the newly released Unit 42 2025 Global Incident Response Report, malicious actors using AI can increase the speed of their attacks by as much as 100 times compared to traditional methods.

The findings show that the mean time to exfiltrate (MTTE) — the average time from initial compromise to data theft — has dropped sharply in recent years. In 2021, MTTE averaged nine days. By 2024, that figure had fallen to just two days, with 20% of attacks completing data exfiltration in under one hour.

In controlled simulations, Unit 42 successfully executed a full ransomware operation — from initial breach to data extraction — in just 25 minutes, using AI to optimize every phase of the attack chain. This leap in speed, combined with automation, represents a fundamental shift in the cyber threat landscape.

AI in Action: How Threat Actors Are Adapting
Recent investigations have uncovered multiple ways attackers are weaponizing AI:

• Deepfake-powered social engineering by groups like Muddled Libra (Scattered Spider), who use AI-generated audio and video to impersonate employees in help desk scams.

• North Korean IT operatives deploying real-time deepfake technology to infiltrate companies through remote work roles, creating serious security and compliance risks.

• Generative AI in ransomware negotiations, enabling attackers to overcome language barriers and push for higher payouts.

• AI-driven assistants rapidly scanning environments to locate sensitive credentials.

The Rise of Agentic AI
One of the most concerning developments is the emergence of — autonomous systems capable of making decisions, learning from outcomes, solving problems, and adapting strategies without human oversight. These systems can independently conduct multistep attacks, from reconnaissance to mid-operation tactical shifts, making them faster, more adaptive, and harder to contain.

As these models become more accessible, Unit 42 predicts a surge in self-directed cyberattacks that will test the limits of current detection and response strategies. The newly developed Agentic AI Attack Framework showcases just how easily such systems can be turned against enterprises, requiring only minimal attacker input to launch complex operations at scale.

Looking ahead, Unit 42 plans to integrate Agentic AI attack simulations into its purple teaming programs, helping organizations stress-test their defenses against this next-generation threat.

A Call to Action
The arrival of Agentic AI is not a distant possibility — it’s already reshaping the cybersecurity battlefield. For CXOs and security leaders, the message is clear: understanding and preparing for AI-augmented attacks is now a critical part of protecting your organization’s digital assets.

About Palo Alto Networks
Palo Alto Networks (NASDAQ: PANW) is the global leader in AI-driven cybersecurity, trusted by over 70,000 organizations worldwide. With a comprehensive portfolio spanning network, cloud, security operations, and AI-powered threat intelligence from Unit 42, the company is committed to safeguarding the digital way of life while enabling innovation at scale. Learn more at www.paloaltonetworks.com.