AI isn’t introducing entirely new cyber threats, but it is changing how easily they can be executed, and by whom. In this episode of Security Strategist, EM360Tech host Trisha Pillay speaks with Darren Anstee, Chief Technology Officer for Security at NETSCOUT, about how conversational AI is lowering the barrier to entry for cyberattacks. 

Drawing on real-world telemetry from thousands of enterprises and service providers, Anstee outlines how the threat landscape is shifting not through new attack types, but through scale, speed, and accessibility. At the centre of that shift are two forces, in his words, simplification and automation.

How AI is Changing Cyber Attacks

From a Distributed Denial-of-Service (DDoS) perspective, Anstee says, “AI isn’t creating fundamentally new attack vectors. Instead, it’s making existing ones easier to execute”. Historically, launching a sophisticated attack required time, expertise, and intent. Attackers would need to scan a target, identify vulnerabilities, select the right attack vectors, and continuously adapt based on how defences responded. That process demanded both technical knowledge and active decision-making. Now, much of that can be abstracted away.

As a result, conversational interfaces are increasingly being integrated into attack tools, allowing users to issue simple, natural language instructions. Behind the scenes, those tools can run reconnaissance, analyse results, select attack methods, and even adapt in real time if defences respond. As Anstee puts it, “the whole need for there being any knowledge in the seat has gone away.” The result is not necessarily more advanced attackers, but more attackers capable of attempting advanced techniques.

The Democratisation of Cyber Attacks

This shift has direct implications for enterprise risk. As sophisticated capabilities become more accessible, the volume and distribution of attacks change. Organisations that were previously unlikely targets are now within scope, not because they are high-value, but because they are reachable.

Anstee points to a growing trend, and that is attackers moving beyond heavily defended primary targets and focusing on secondary organisations within the digital supply chain. Suppliers, service providers, and partners often present a weaker entry point, while still offering indirect access to larger ecosystems. In practical terms, this expands the attack surface.

It also exposes a gap in how many organisations think about risk. Dependencies are not always fully mapped, and the resilience of third-party services is often assumed rather than verified. When those dependencies fail, be it through DDoS disruption or another incident, the impact can cascade quickly. What’s changing is not just who gets targeted, but how risk propagates across interconnected systems. This shift is being accelerated by automation.

Automation and Efficiency in Cybercrime

Automation is what turns accessibility into scale. The steps involved in launching an attack, reconnaissance, analysis, execution, and adaptation, can be structured as decision trees. AI systems can follow those paths quickly and consistently, removing the need for manual intervention at each stage. This has two consequences. First, it increases the frequency of attacks. More actors can launch them, and they can do so with less effort. Second, it compresses response time. Attacks can adapt dynamically, forcing defenders to react faster and with greater precision.

For many organisations, this exposes a mismatch between perceived and actual readiness. As Anstee notes, having defensive tools in place is not the same as knowing how they perform under real conditions. Firewalls and baseline protections may handle simple attacks, but they are often insufficient against multi-vector, adaptive threats. This is where his emphasis on certainty becomes critical.

Confidence—based on vendor claims or assumed coverage is not enough. Organisations need real visibility into how their defences behave in practice, across environments, and under pressure. Without that, decision-making is based on assumptions rather than evidence. In a landscape shaped by automation, that gap becomes harder to sustain.

For more information, visit netscout.com

Takeaways

  • AI is simplifying and automating cyber attacks, making them accessible to a broader range of attackers
  • Enterprises must reassess their risk management strategies 
  • The cost of cybersecurity is likely to rise as organisations enhance their defences
  • AI's impact on cyber attack sophistication
  • Democratisation of attack capabilities
  • Automation in attack execution
  • Supply chain vulnerabilities and third-party risks
  • Certainty vs. confidence in cybersecurity decision-making