AI-Augmented Threat Activity
Mapping Cybercriminal and APT Tradecraft to MITRE ATT&CK and the Cyber Kill Chain
AI-Augmented Threat Activity: Mapping Cybercriminal and APT Tradecraft to MITRE ATT&CK and the Cyber Kill Chain
Executive Overview
The integration of artificial intelligence—particularly large language models (LLMs) and adjacent machine learning tooling—into offensive cyber operations is no longer speculative. Multiple advanced persistent threat (APT) groups and cybercriminal actors have operationalized AI as a force multiplier across the intrusion lifecycle. Rather than introducing wholly novel tactics, AI enhances the speed, scale, adaptability, and linguistic sophistication of existing tradecraft. This report consolidates observed usage patterns and maps them to the MITRE ATT&CK framework and the Lockheed Martin Cyber Kill Chain, providing a unified analytical model for defenders.
Threat Actors Observed Using AI
The following actors and clusters have been credibly linked to AI-assisted operations:
APT36 (Transparent Tribe)
UNC2970 (North Korea-linked)
TEMP.HEX (China-linked cluster)
Broad Chinese state-linked clusters (TEMP/UNC designations)
Iranian state-aligned intrusion sets
North Korean APT ecosystem (multiple units)
Russian state-linked APT groups
HONESTCUE malware operators (likely state-linked)
AI-enabled ransomware operators (various, often unbranded)
WormGPT-enabled cybercriminal communities
These actors span both nation-state and financially motivated ecosystems, indicating that AI adoption is horizontal rather than confined to elite units. As we wander down this road of discovering more about the AI-augmented adversary, we will update the above list with our own contributions to the field.
Reconnaissance and Intelligence Preparation
In the reconnaissance phase of the Cyber Kill Chain, corresponding to MITRE ATT&CK Reconnaissance tactics (TA0043), AI is primarily used to automate and enrich open-source intelligence collection. Techniques such as T1589 (Gather Victim Identity Information), T1593 (Search Open Websites/Domains), and T1591 (Gather Victim Organisation Information) are significantly accelerated through LLM-driven summarisation, entity extraction, and relationship mapping.
Actors such as UNC2970 and TEMP.HEX have demonstrated the ability to construct highly detailed target profiles by aggregating fragmented public data and synthesising it into actionable intelligence. This reduces the time required for target development and improves the precision of downstream social engineering.
Resource Development and Weaponisation
During resource development, aligned with MITRE ATT&CK TA0042, AI is used to generate both technical and social infrastructure. This includes techniques such as T1583 (Acquire Infrastructure), T1585 (Establish Accounts), and T1608 (Stage Capabilities). AI systems are leveraged to produce convincing synthetic identities, including resumes and online personas, which are particularly relevant in North Korean workforce infiltration campaigns.
Simultaneously, AI-assisted code generation enables rapid prototyping of malware and tooling. APT36 exemplifies this approach by producing large volumes of disposable malware variants, often written in less common programming languages to evade static detection mechanisms. This represents a shift toward high-frequency, low-cost weaponisation.
Initial Access: Phishing and Exploitation
Initial access remains the most visibly transformed phase. Within the Cyber Kill Chain’s delivery and exploitation stages, and mapped to MITRE ATT&CK Initial Access (TA0001), AI has dramatically improved the effectiveness of T1566 (Phishing).
LLMs enable the generation of context-aware, linguistically precise phishing emails that closely mimic legitimate communication styles. These messages are often dynamically adapted during live interactions, enabling conversational phishing rather than static lure delivery. This capability is widely observed across both APT and cybercriminal actors, including ransomware groups leveraging tools derived from systems like WormGPT.
AI is also beginning to assist in T1190 (Exploit Public-Facing Applications) by supporting vulnerability research and proof-of-concept development, although this remains less mature than social engineering use cases.
Execution and Code Delivery
In the execution phase, mapped to MITRE ATT&CK Execution (TA0002), AI contributes to techniques such as T1059 (Command and Scripting Interpreter) and T1204 (User Execution). Its primary function is the generation and transformation of scripts across multiple languages and environments.
APT36’s activity illustrates the operational advantage of AI in this phase. Malware can be continuously rewritten, translated between programming languages, and obfuscated in near real time. This undermines traditional signature-based detection and introduces a polymorphic dimension to even relatively unsophisticated payloads.
Persistence, Privilege Escalation, and Defence Evasion
Across persistence (TA0003), privilege escalation (TA0004), and defence evasion (TA0005), AI acts as a decision-support and automation layer. Techniques such as T1547 (Boot or Logon Autostart Execution), T1053 (Scheduled Task/Job), and T1068 (Exploitation for Privilege Escalation) are increasingly supported by AI-generated scripts tailored to the victim environment.
Defence evasion is particularly impacted. Techniques including T1027 (Obfuscated/Compressed Files and Information) and T1562 (Impair Defences) benefit from AI’s ability to continuously rewrite code, adjust obfuscation strategies, and recommend evasion methods based on known detection patterns. The HONESTCUE malware represents a more advanced evolution, where code is generated dynamically at runtime via AI interaction, significantly reducing static forensic artefacts.
Credential Access and Discovery
In credential access (TA0006) and discovery (TA0007), AI enhances both automation and analytical capability. Techniques such as T1003 (OS Credential Dumping) and T1082 (System Information Discovery) are supported by AI systems that can interpret outputs, prioritise targets, and recommend next steps.
Rather than manually parsing large volumes of system data, operators can rely on AI to summarise and contextualise findings. This reduces cognitive load and accelerates decision-making during lateral movement preparation.
Lateral Movement and Command & Control
During lateral movement (TA0008) and command and control (TA0011), AI assists in strategy formulation and traffic shaping. Techniques such as T1021 (Remote Services) and T1071 (Application Layer Protocol) are augmented by AI systems capable of identifying optimal pivot paths and generating scripts to execute them.
AI also enables more adaptive command-and-control behaviours. Traffic can be shaped to resemble legitimate patterns, and beaconing intervals can be dynamically adjusted, complicating network-based detection.
Exfiltration and Impact
In the final stages of the Cyber Kill Chain—exfiltration and actions on objectives—AI contributes to both efficiency and monetisation. Techniques such as T1041 (Exfiltration Over C2 Channel) and T1486 (Data Encrypted for Impact) are enhanced by AI-driven data prioritisation and automation.
Ransomware operators, in particular, have begun using AI to determine which data is most valuable, optimise exfiltration strategies, and even generate ransom notes and negotiation messaging. Some reports indicate early use of AI to model victim payment likelihood and adjust ransom demands accordingly, representing a shift toward data-driven extortion operations.
Analytical Conclusions
AI’s role in cyber operations is best understood as a cross-cutting augmentation layer rather than a discrete capability. It is most impactful in phases that benefit from scale, language generation, and rapid iteration—namely reconnaissance, initial access, execution, and defence evasion.
The most affected MITRE ATT&CK techniques include T1566 (Phishing), T1027 (Obfuscation), T1059 (Scripting), and reconnaissance-related techniques such as T1589 and T1593. Across the Cyber Kill Chain, AI compresses timelines, enabling faster progression from reconnaissance to exploitation and increasing the throughput of parallel operations.
For defenders, this evolution necessitates a shift away from static detection models toward behavioural analytics, identity-centric security controls, and anomaly detection. The increasing volatility of attacker tooling—driven by AI-generated variation—renders signature-based approaches progressively less effective.
A (Tentative) Final Assessment
The adoption of AI by both APT groups and cybercriminal organisations represents a systemic change in operational efficiency rather than a tactical revolution. However, the cumulative effect is significant: higher attack volume, improved social engineering success rates, and reduced barriers to entry for less sophisticated actors. As AI capabilities continue to mature, particularly in autonomous decision-making and real-time adaptation, their integration into offensive cyber operations is expected to deepen across all phases of the intrusion lifecycle.