← all news

Anthropic maps a year of AI-enabled cyber attacks against MITRE ATT&CK

Security · · · source (anthropic.com)

Anthropic's Frontier Red Team spent a year studying 832 accounts they banned for malicious cyber activity, then mapped what those attackers were doing back to the MITRE ATT&CK framework. The result is a public report that argues the framework is already behind. Existing categories assume a human pulling steps together. Attackers using Claude and similar models are now chaining initial access, malware development, and lateral movement with much less human glue between them.

The numbers are concrete. Of the studied actors, 67.3 percent (560 accounts) used AI for malware development, and 6.5 percent (54) used it for lateral movement inside compromised networks. The share of medium-to-high-risk actors jumped from 33 percent in the first half of the study to 56 percent in the second half. A state-sponsored operation disrupted in November 2025 chained 30 techniques across 13 tactics in a single campaign. Less skilled actors averaged 16 techniques per intrusion; the most skilled reached 20. Anthropic argues the gap is closing because AI now performs the steps for the less sophisticated.

The team's call to action is for the security community to add AI-enabled behaviors to ATT&CK directly, instead of treating "AI use" as a side label. That includes new sub-techniques for things like model-driven script generation and automated post-exploitation. Anthropic publishes the data and methodology so other defenders can replicate the mapping on their own banned-account logs.

Why it matters

If you run a detection program, the playbooks you wrote against human-paced attacks have a shorter shelf life than you think. The takeaway is to instrument for AI-paced intrusion behavior now, and to push your vendors to update their MITRE mappings, not wait for the framework to catch up on its own.

AnthropicAI Use