Cyber Threats Set to Intensify in 2026 as AI Arms Race Accelerates: Moody’s

Cyber risks will intensify sharply in 2026 as artificial intelligence tools make attacks faster, more adaptive and harder to detect, while also reshaping how companies defend themselves, Moody’s Ratings said in its Cyber Risk – Global 2026 Outlook released on Wednesday

According to Moody’s, attackers are increasingly using AI to scale phishing campaigns, automate vulnerability discovery and develop malware capable of modifying its own code to evade detection. While AI-driven cyberattacks remain in an early phase, the credit rating agency warned that platforms capable of launching large-scale, autonomous assaults are already emerging, intensifying what it described as a “strategic chess match” between attackers and defenders.

“Cyber risk will shift into higher gear over 2026 as attackers exploit increasingly effective artificial intelligence tools,” Moody’s said, adding that organisations relying on manual or legacy security processes will face rising operational and financial risks.

Moody’s noted that ransomware, historically one of the most damaging cyber threats, is showing signs of weakening among smaller and mid-sized firms. Data cited in the report show that nearly 44% of ransomware attempts in 2025 were stopped before data encryption, up sharply from 27% a year earlier. Improved detection tools and wider use of backups have reduced the incentive to pay ransoms, particularly for firms with simpler networks.

However, Moody’s cautioned that large enterprises remain highly exposed. Their complex digital environments create blind spots that attackers can exploit, leading to severe business disruption and reputational damage despite heavy cybersecurity spending.

The report also highlighted a sharp rise in cryptocurrency-related cybercrime. Moody’s said breaches at cryptocurrency exchanges and decentralised finance platforms in 2025 exposed persistent security weaknesses, especially as institutional participation in digital assets grows. Many losses stemmed from flaws outside core blockchain protocols, including weaknesses in asset custody, user interfaces and transaction approval processes.

“Cybersecurity is becoming a prerequisite for capital access and market confidence in digital assets,” Moody’s said, warning that firms unable to meet higher security standards risk capital flight and consolidation.

Cloud computing outages emerged as another major source of systemic risk. Moody’s pointed to high-profile disruptions at major cloud service providers in 2025, which caused widespread operational disruption despite being technical failures rather than cyberattacks. The incidents underscored how a prolonged outage or successful attack on a major cloud provider could trigger economy-wide consequences similar to a power grid failure.

From a regulatory standpoint, Moody’s observed that a growing patchwork of cybersecurity rules across jurisdictions is creating compliance burdens for global firms. While efforts are under way to harmonise standards, progress remains slow. Fragmentation risks diverting resources away from actual security improvements toward compliance-driven paperwork, the report said.

Looking ahead, Moody’s expects regulators to introduce more comprehensive cyber risk frameworks, particularly for digital assets and critical infrastructure. While this may raise costs for companies, the agency said stronger governance and resilience measures would ultimately be credit-positive.

“Cyber risk is no longer a peripheral IT issue but a core credit consideration,” Moody’s said, adding that companies investing in adaptive, AI-enabled defence systems and resilience planning will be better positioned to withstand the next phase of cyber threats.