AI Agents Are Quietly Widening the Cyberattack Surface

Artificial intelligence is moving fast inside enterprises, but security experts warn that defenses aren’t keeping up. As AI agents and large language models are increasingly connected to business systems, they’re quietly expanding the cyberattack surface — and creating new opportunities for attackers, including hostile nation-states.

Researchers speaking at a recent Cloud Security Alliance event pointed to the rapid adoption of AI agents that can autonomously interact with data, software tools and APIs. Many of these systems rely on emerging frameworks such as the Model Context Protocol (MCP), which allows models to pull in external data and trigger actions. The problem: security controls around these connections are often minimal or nonexistent.

Unlike traditional applications, AI agents may operate outside established security boundaries. They can run on developer machines, cloud instances or third-party platforms that security teams don’t fully monitor. If compromised, an AI agent could be tricked into leaking sensitive data, executing malicious commands or escalating privileges without human oversight.

Another growing concern is what experts call the “security poverty line.” Large enterprises can afford layered defenses, identity controls and dedicated AI governance teams. Smaller organizations usually cannot. Yet they are increasingly targeted, and AI tools make it cheaper and faster for attackers to launch convincing phishing campaigns, automate reconnaissance and exploit vulnerabilities at scale.

AI agents themselves also introduce new identity risks. Many are granted broad access to internal systems so they can “work” effectively. In practice, this often means shared credentials, excessive permissions and little accountability. Few companies have formal policies governing how AI identities should be created, monitored or retired.

Meanwhile, nation-state actors are paying close attention. Threat intelligence researchers report growing use of commercial AI tools by countries such as China and Iran for cyber-espionage, influence operations and vulnerability discovery. As these tools improve, the barrier to launching sophisticated attacks continues to drop.

Security leaders warn that AI doesn’t just amplify productivity — it amplifies mistakes and gaps as well. Without stronger governance, visibility and controls, organizations may find that the same systems designed to help them move faster are also making them easier targets.