Once, cyber-attacks required great skill. AI is changing that | Bruce Schneier

E arlier this week, national security agencies from the Five Eyes – that’s the rich, English-language-speaking countries club – jointly released a statement warning of the increasing cyber risks of AI models: in particular, their ability to autonomously hack into systems and networks. The statement was more measured than some of the breathless headlines about it, and the advice they gave is pretty much the standard advice everyone gives – albeit with newfound urgency. Internet risks are nothing new, and cyber-attacks – both large and small – have been a significant issue since long before the current crop of generative AI models. What’s been changing over the decades, and what AI is changing even faster, is the gap between skill and ability. For most of human history, the two terms were synonymous – but computers have decoupled them. As the gap between the two expands, humans empowered with these AI tools can do