(TNS) — The rise of AI-driven cyber attacks is a growing concern for school district technology director Gary Lackey, who emphasizes that hackers are becoming increasingly adept at using AI to impersonate real individuals, thus enhancing their chances of breaching school systems. The Goose Creek Consolidated Independent School District, serving 24,000 students near Houston, faces threats as educators report a significant uptick in cyber attacks, with a recent survey indicating that 51% believe the severity of these threats will increase due to AI.

The sophistication of these threats stems from the ability of hackers to deploy AI tools that can research organizations, identify key personnel, and craft convincing phishing attempts. Such advancements make typical red flags, like misspellings in phishing emails, easier to bypass. When institutions fall victim to cyber attacks, the repercussions can be severe; such incidents not only create distractions but can also halt operations entirely.

To combat this evolving threat landscape, educators are advised to prioritize verification practices over reliance on technology. For instance, verifying requests from superiors through a phone call can help avoid falling victim to social engineering tactics, where attackers leverage authority to prompt quick, unverified actions.

Furthermore, deepfake technology poses a severe risk, with the potential for hackers to replicate the voices of school officials, thus facilitating impersonation and fraud. As AI-fueled tools designed to combat cyber threats are emerging, many schools remain hesitant to adopt them widely. Vigilance and education around these risks are essential to safeguard school districts and the sensitive data they manage.

Commercial AI services are empowering less skilled cybercriminals to execute large-scale cyberattacks, a trend monitored by Amazon Threat Intelligence. A recent case revealed a financially motivated Russian-speaking threat actor using various generative AI tools to breach over 600 FortiGate devices in more than 55 countries from January 11 to February 18, 2026. Notably, this attack succeeded not by exploiting vulnerabilities but by leveraging weak credentials and exposed management ports—essential security oversights that AI tools enabled them to exploit efficiently.

The threat actor’s operations demonstrate the transformative influence of AI on cyber capabilities. By employing AI-generated attack methodologies, they streamlined processes for credential harvesting and post-exploitation activities like Active Directory compromises and targeting backup systems, positioning them favorably for potential ransomware attacks. Despite their limited technical prowess, AI allowed them to achieve a level of operational effectiveness that previously would have necessitated a larger team.

This incident highlights concrete applications of AI in action, such as generating AI-assisted reconnaissance scripts and automating attack planning with step-by-step exploitation guidance. In doing so, this actor produced a suite of tools aligning with traditional cybercrime practices while achieving unprecedented efficiency and scale.

As the trend of AI-enhanced cyber threats continues to rise, organizations are urged to reinforce foundational cybersecurity practices, including stringent patch management, credential hygiene, and robust detection of post-exploitation actions. By addressing the security gaps that AI-empowered attackers exploit, businesses can significantly bolster their defenses and reduce vulnerability to these evolving threats.

Harnessing Artificial Intelligence for Enhanced Identity Security and Organizational Data Protection

Artificial intelligence (AI) is transforming identity security, allowing organizations to swiftly detect and mitigate threats. By streamlining response times from hours to mere seconds, AI empowers security teams to intervene in real time, significantly curtailing potential damage. Through continuous monitoring and data correlation, AI effectively distinguishes between legitimate and suspicious user activities across various endpoints.

One prominent application of AI in this domain is Microsoft's Entra ID, a vital identity management solution that safeguards sensitive organizational data. Given its significance, protecting Entra ID is critical to ensure business continuity. Attackers target it not only for malicious purposes but also due to potential accidental data losses, emphasizing the necessity for robust protective measures.

AI significantly advances security measures by automating the identification of cyberthreats. For instance, if an employee in the Netherlands suddenly initiates a flurry of login attempts from a different network location, AI will immediately flag this unusual behavior. This rapid detection allows security teams to act promptly, bypassing time-consuming manual validations. In cybersecurity, time is of the essence; AI's ability to reduce response times can determine the impact of an incident—transforming potential breaches into manageable issues.

Protecting Entra ID is crucial not only for preserving access to essential resources such as email and cloud applications like Salesforce but also for maintaining data integrity within an organization. As identity systems increasingly attract cybercriminal attention, AI-driven defenses have become indispensable. By fostering swift detection and intelligent response capabilities, AI equips organizations to remain resilient against ever-evolving threats.

Kyndryl Holdings Inc. has unveiled its Cyber Defense Operations Center in Bengaluru, India, which merges network operations and security into a cohesive operational framework. This next-generation command hub aims to enhance the cybersecurity and network expertise for global customers, thereby improving incident response, resilience, and overall IT performance.

As enterprises grapple with escalating IT complexity and AI-driven cyber risks, they are under pressure to provide secure, always-on digital services. A recent Kyndryl report indicates that only 31% of organizations feel prepared for external risks, highlighting technology complexity as a significant barrier to AI scalability. The widespread use of autonomous AI across various environments necessitates an integrated approach to network and security operations.

Kyndryl's Cyber Defense Operations Center addresses these challenges by providing a unified model that leverages AI-enabled insights alongside deep networking and security knowledge. This approach enhances resilience, accelerates incident responses, and boosts visibility throughout the IT ecosystem.

The center breaks down operational silos to deliver real-time visibility and collaborative analysis. Key features include AI-driven assessment services that analyze security gaps and prioritize remediation efforts, role-based dashboards that offer customized insights for different operational teams, and automated end-to-end operations that streamline processes and enhance alert management. Furthermore, it integrates with Kyndryl Bridge, an AI-powered platform that consolidates network and security data for a holistic operational view.

While launching this innovative service, Kyndryl has also faced internal challenges, including delays in its quarterly filing and legal issues arising from its cash management practices. Despite these hurdles, the Cyber Defense Operations Center positions Kyndryl as a leader in providing advanced cybersecurity solutions to mitigate today's digital threats.