SECURITYWEEK’S Cyber Insights 2026 survey foresees AI-driven acceleration of malware, ransomware, and identity-led intrusions, with agentic AI capable of autonomously planning and executing attack lifecycles. The piece highlights how attackers will automate nearly every stage of an attack and target specific organisations at scale, using AI to reverse engineer patches, tailor highly personal campaigns, and even generate data-extraction code and adversary-in-the-middle toolkits.
It notes a shift towards infostealers as the entry point and data broker, driver of reconnaissance, and exfiltration fuel, enabling live-off-the-land intrusions without traditional malware. Extortion remains a primary motive, while DDoS is predicted to surge again if ransomware pressures ease, and there is an emphasis on the rising prevalence of “identity-based” or malware-free intrusions alongside traditional threats.
According to The UK’s NCSC, fully automated end-to-end advanced cyberattacks are unlikely before 2027, with skilled actors still needing to remain in the loop, though attacks are expected to increase in volume, speed and targeting in 2026 and beyond. Written by Kevin Townsend on 2 February 2026, the analysis also discusses the evolving criminal ecosystem, including AI-enabled toolchains, platform-style gangs, and a growing class of script kiddies.