## The Arms Race Has a New Weapon
Security has always been an arms race between attackers and defenders. Defenders build better locks; attackers learn to pick them. What's changed in 2026 is that both sides now have access to powerful AI, and the implications for the balance of power are significant and still playing out.
Attackers with AI can generate highly personalised spear-phishing campaigns at massive scale — thousands of individually crafted emails that would have taken skilled social engineers weeks to write. They can use large language models to write malware that evades static analysis. They can scan for vulnerabilities faster and more comprehensively than any human team. They can create deepfake audio and video that defeats voice and face verification systems.
Defenders with AI can detect anomalies faster, correlate threats more effectively, and automate responses that would have required skilled human intervention. The question is whether the defensive use of AI is keeping pace with the offensive use, and the honest answer is: sometimes yes, sometimes no, and we need to get better at the defensive application of AI faster.
## AI-Powered Attack Vectors in 2026
AI-enhanced phishing is probably the most immediate practical concern for most organisations. Traditional phishing campaigns send generic messages to large lists. AI-powered phishing creates highly targeted messages that reference specific people, projects, relationships, and context scraped from public sources — LinkedIn, company websites, news articles, social media. These hyper-personalised messages achieve dramatically higher success rates than generic campaigns.
Deepfake fraud — using AI-generated audio and video to impersonate executives and authorise fraudulent transactions — has moved from theoretical risk to real-world incidents. There have been documented cases of finance teams authorised to transfer significant sums based on convincing deepfake video calls from someone impersonating their CFO. Standard verification processes are not sufficient defence.
AI-assisted vulnerability discovery allows attackers to identify and correlate vulnerabilities much faster than the traditional human-intensive process. By training models on vast repositories of vulnerability data, CVE descriptions, and exploit code, attackers can identify which of your exposed systems are vulnerable and potentially auto-generate exploit code.
## Defensive Strategies for Adversarial AI
Defending against AI-enhanced phishing requires moving beyond standard email security. Behavioural email analysis — looking at sender reputation, communication patterns, request type, and contextual signals — catches many AI-generated phishing attempts that signature-based filters miss. Out-of-band verification protocols for high-value requests (financial transfers, credential changes) are essential — and those verification protocols need to be robust against deepfake attacks.
Anti-deepfake capabilities are maturing rapidly. Microsoft, Intel, and several security vendors offer deepfake detection tools that analyse video and audio for AI generation artefacts. More important than technology alone is process: for any significant financial transaction or security-sensitive decision requested via video or audio channel, require a second verification factor through a different channel.
Adversarial robustness testing of your own AI security systems is an area most organisations haven't yet addressed but need to. If attackers know you're using ML-based anomaly detection, they can craft attacks specifically designed to evade it. Red-teaming your AI security systems with adversarial techniques is the only way to understand where they're vulnerable.
*Lara IT Solutions provides adversarial AI assessments and security architecture review for UK enterprises. Call 0330 043 1930.*