Back to news

Anthropic reports first AI-driven espionage campaign

November 16, 2025 • Door Arne Schoenmakers

Anthropic describes how a likely state-sponsored actor used an AI agent to conduct largely autonomous espionage campaigns against dozens of organisations.

Anthropic reports first AI-driven espionage campaign

Anthropic detailed a previously unseen security incident in a technical report dated 13 November. A likely state-sponsored actor is said to have abused an advanced AI tool to carry out a largely autonomous series of cyber attacks against about thirty organisations worldwide.

Key points

  • The AI agent executed 80-90 percent of the campaign autonomously

  • Targets included technology, financial and government organisations

  • Attackers used jailbreak-style prompts to bypass security barriers

  • Anthropic detected the operation by spotting anomalous prompt and API patterns

What happened?

Forensic analysis shows that the attackers broke their campaign down into small, automated tasks. The AI wrote exploit code, harvested credentials and mapped exfiltration routes. Thanks to agent workflows and access to external tools, it fired off thousands of requests per second - a pace human teams could never match.

According to the report, the actor did in fact breach several targets, although not every attempt succeeded because of hallucinations and other model inaccuracies.

Why does it matter?

  1. Changing threat dynamics: autonomous AI lowers the barrier for complex attacks.

  2. Speed and scale: actions that traditionally take hours or days now finish in minutes.

  3. Dual use: the same AI capabilities are required to detect and stop these attacks.

Immediate recommendations for organisations

  • Take stock of all internal and external AI interfaces and restrict unnecessary API permissions.

  • Log prompt context and tool calls so that forensic reconstruction remains possible.

  • Implement rate limiting and sandboxing around AI functions that can generate or execute code.

  • Run tabletop exercises around AI-driven attack scenarios and update incident response plans.

  • Share indicators of compromise with sector-specific ISACs and national CERTs to promote rapid detection.

Expert viewpoint

Security researchers regard this incident as a tipping point. AI agents are tilting the balance between attacker and defender; speed is becoming the dominant factor. At the same time, the findings show that advanced monitoring, backed by AI-powered analysis of your own, remains an effective defence strategy.

Sources

  • Anthropic technical report: "Disrupting the first AI-orchestrated cyber-espionage campaign" (13 Nov 2025)

  • AIMagazine summary (14 Nov 2025)

  • The Guardian background article (14 Nov 2025)

Bedankt voor uw bericht!

We nemen zo snel mogelijk contact met u op.

Feel like a cup of coffee?

Whether you have a new idea or an existing system that needs attention?

We are happy to have a conversation with you.

Call, email, or message us on WhatsApp.

Bart Schreurs
Business Development Manager
06 54671577 bart@spartner.nl
Bart Schreurs

We have received your message. We will contact you shortly. Something went wrong sending your message. Please check all the fields.

© 2025 Spartner

Cookie Consent

Your experience on this site will be improved by allowing cookies.

Allow cookies