Get ready for 2026, the year of AI-aided ransomware
Summary
Trend Micro warns that 2026 will see a marked increase in agentic AI being used to automate cyberattacks, and ransomware groups are likely to adopt these techniques once state-backed actors pioneer them. Agentic AI systems — autonomous AI agents that can take action without human intervention — can scan for targets, exploit vulnerabilities, deploy backdoors and run multi-step attacks, lowering the skill required to carry out complex operations.
The report cites examples and research (including Anthropic’s contested findings and Hudson Rock’s work on agentic-infostealer risks in Windows Copilot) to show how attackers might weaponise agentic capabilities, or subvert legitimate agents via prompt injection, poisoned modules or compromised orchestration layers.
Key Points
- Trend Micro predicts agentic AI will be a major driver of cybercrime in 2026, especially for ransomware-as-a-service (RaaS).
- State-sponsored groups are likely to experiment first; criminal gangs will follow once methods are proven and scalable.
- Agentic AI can automate reconnaissance, exploitation, shell deployment and lateral movement, reducing operator effort.
- AI-powered RaaS could democratise offensive capability, enabling less-skilled operators to run sophisticated attacks.
- Attackers can also subvert legitimate agents (prompt injection, poisoned modules, orchestration attack) rather than build agents directly.
- Centralised OS-level agents (eg. Copilot on Windows) create attractive data-harvesting targets for ‘agentic-aware’ stealers.
- Defenders must apply existing controls to agents: least privilege, access management, assume-breach mindset and mapping of services in use.
- Full automation of the attack chain will ramp up gradually — expect incremental adoption before end-to-end agentic attacks appear.
Context and Relevance
This analysis is important for security teams, CISOs and IT managers who must plan for a rapid change in attacker tooling. Agentic AI shifts the attacker-defender balance by automating routine and decision-heavy tasks; that means traditional indicators and manual playbooks may be insufficient.
The warning links into broader trends: the rise of large language models capable of multi-step reasoning, increased embedding of agents into consumer and enterprise OSs, and an expanding underground market for AI-enabled tooling. Organisations should treat AI agents like privileged accounts and extend existing hardening, monitoring and incident response controls to them.
Why should I read this?
Because this is the kind of forecast you want to know about before it shows up on your doorstep. Trend Micro is flagging a clear, actionable risk: automated, AI-driven attacks are coming, and they make ransomware cheaper and easier for criminals. Read it now so you can start tightening controls, mapping agent access and updating playbooks — rather than scrambling later.
Author style
Punchy: this isn’t a distant hypothetical — it’s a near-term operational threat. If you run security for an organisation, the report deserves attention and follow-up action now.