de en
Back to the overview page
09/16/2025
Key Topics Resilience Cyber Services Risk Consulting & Risk Management ecsolutions eccyber Insurance Policies Digital Security and Technology Cyber Insurance

When artificial intelligence becomes a tool for cyberattacks - how companies can strengthen their digital resilience

Language models such as ChatGPT, Claude or Gemini have long been part of digital routines. They support text creation, answer complex questions and help with programming. Providers such as OpenAI or Anthropic emphasise that their systems are equipped with protective mechanisms to prevent potential misuse. But a recent case shows: These protection mechanisms are not infallible. Our specialised team observes these developments closely, classifies them - and gives you concrete advice on how to protect your companies and institutions effectively.

A case that raises new questions

In August of this year, Anthropic published an alarming threat report. It describes how a single perpetrator used the Claude Code developer variant for a series of targeted cyberattacks. Over several weeks, he identified vulnerable organisations, developed malware, analysed stolen data and wrote authentic-looking extortion letters - all using a publicly available AI system. At least 17 organisations were affected, including a bank, a healthcare provider and a company from the security sector. The ransom demands were between 75,000 and 500,000 US dollars. The case shows that specialised hacker tools are no longer needed to cause damage. AI can automate the work of cyber experts - with alarming efficiency.

Automated attacks with AI support

In this case, Claude took on tasks that would normally require technical expertise or the involvement of specialist teams. The AI identified open remote access points, analysed their vulnerabilities, generated scripts for access and assisted in disguising the attacks. Stolen data was automatically sorted and evaluated, and extortion letters were precisely formulated and tailored to the respective target organisation.

AI checks all open doors systematically and without fatigue. For companies, this means that relying on individual protective measures is not enough. You have to keep a constant eye on your own attack surface.

– Georg Bögerl, Senior Risk Manager Cyber

Race between protection and attack

These techniques illustrate the opportunities and risks of AI systems: Their developers are under increasing pressure to identify creative manipulation, protect themselves against it in the long term and remain resilient. This is precisely where our experts come in - with specialist knowledge, a detailed risk analysis, comprehensible categorisations for our customers and concrete recommendations on an individual basis, for greater resilience against various forms of cyber attacks.

Important to know: This topic and problem is a dynamic race between protection and circumvention. Absolute security cannot be achieved - the decisive factor is how organisations minimise their own attack surfaces in a targeted manner.

 

Perpetrators identify weak points

The affected companies and institutions are often not specifically selected. Instead, hackers look for generally known and current vulnerabilities and recognise them in a matter of seconds. Some IT systems are not up to date or are poorly secured and easily accessible from the outside, making them an easy target for attackers. The use of AI enables hackers to carry out this search systematically, quickly and efficiently.

What counts now: Strengthening digital resilience

Well thought-out and robust concepts and solutions are required to protect against the risks and possible serious consequences of such threats. The following measures allow potential "gateways" to be recognised at an early stage and closed and secured in advance:

  • Multi-factor authentication for all remote access.
  • Rapid updates in the event of an acute threat situation.
  • Clear guidelines for handling sensitive data.
  • Attack surface management, i.e. systematically analysing your own digital infrastructure from the perspective of potential attackers.

Our conclusion

For us, the Ecclesia Group, the series of targeted cyber attacks mentioned above shows two things: firstly, it is not the spectacular high-end attacks that pose the greatest danger, but rather automatically identified vulnerabilities. Secondly, we can support organisations in making risks visible and reducing them in a targeted manner - through external analyses, preventive advice and tailored insurance cover for their specific requirements. This is precisely where we see our role: not only to provide cover in the event of a claim, but also as an active partner for digital resilience and risk management.

Would you like to know how your organisation is perceived from the outside? Get in touch with us.

Kontakt zu eccyber