Mumbai: Global cybersecurity and digital company Kaspersky raised urgent concerns about the rising misuse of artificial intelligence (AI) in cyberattacks across Asia Pacific (APAC).

According to Kaspersky experts, 2024 saw over 3 billion malware attacks globally, with a daily average of 467,000 malicious files detected. Windows systems were most frequently targeted, and Trojan detections rose by 33 per cent year-over-year.

Financial cybercrime also surged worldwide, with a 2x increase in mobile financial threat victims and escalating phishing attacks targeting cryptocurrencies. Misleading apps, including fake VPNs, also proliferated, as did threats against gamers and children. Alarmingly, 45% of passwords could be cracked in under a minute.

But beyond volume, the nature of threats is shifting with AI becoming a double-edged sword in cybersecurity.

“Cybercriminals are leveraging AI to create phishing content, develop malware, and even launch deepfake-based social engineering attacks,” says Vladislav Tushkanov, Machine Learning Technology Research Group manager at Kaspersky.

In a press statement, he warned of LLM-native vulnerabilities, AI supply chain attacks, and the growing problem of shadow AI, the unauthorized use of AI tools by employees that may leak sensitive data.

In one alarming example, Kaspersky researchers found malicious AI models hosted on public repositories, and corporate environments are now vulnerable to prompt injection, hallucination errors, and insecure account handling within generative AI systems.

“AI is reshaping both the threat landscape and the defenses,” says Adrian Hia, Managing Director for Asia Pacific at Kaspersky. “To stay ahead, organizations need more than just tools, they need intelligent SOCs that combine automation, threat intelligence, and human expertise. That’s the foundation for resilient, AI-ready cybersecurity. At the end of the day, the winners in cybersecurity will be those who don’t just adopt AI, but secure it.”