Tech
Are AI agents a blessing or a curse for cyber security? | Computer Weekly
Artificial intelligence (AI) and AI agents are seemingly everywhere. Be it on conference show floors or in television adverts featuring celebrities, suppliers are keen to showcase the technology, which they tell us will help make our day-to-day lives much easier. But what exactly is an AI agent?
Fundamentally, AI agents – also known as agentic AI models – are generative AI (GenAI) and large language models (LLMs) used to automate tasks and workflows.
For example, need to book a room for a meeting at a particular office at a specific time for a certain number of people? Simply ask the agent to do so and it will act, plan and execute on your behalf, identifying a suitable room and time, then sending the calendar invite out to your colleagues on your behalf.
Or perhaps you’re booking a holiday. You can detail where you want to go, how you want to get there, add in any special requirements and ask the AI agent for suggestions that it will duly examine, parse and detail in seconds – saving you both time and effort.
“We’re going to be very dependent on AI agents in the very near future – everybody’s going to have an agent for different things,” says Etay Maor, chief security strategist at network security company Cato Networks. “It’s super convenient and we’re going to see this all over the place.
“The flip side of that is the attackers are going to be looking heavily into it, too,” he adds.
Unforeseen consequences
When new technology appears, even if it’s developed with the best of intentions, it’s almost inevitable that criminals will seek to exploit it.
We saw it with the rise of the internet and cyber fraud, we saw it with the shift to cloud-based hybrid working, and we’ve seen it with the rise of AI and LLMs, which cyber criminals quickly jumped on to write more convincing phishing emails. Now, cyber criminals are exploring how to weaponise AI agents and autonomous systems, too.
“They want to generate exploits,” says Yuval Zacharia, who until recently was R&D director at cyber security firm Hunters, and is now a co-founder at a startup in stealth mode. “That’s a complex mission involving code analysis and reverse engineering that you need to do to understand the codebase then exploit it. And that’s exactly the task that agentic AI is good at – you can divide a complex problem into different components, each with specific tools to execute it.”
Cyber security consultancy Reversec has published a wide range of research on how GenAI and AI agents can be exploited by malicious hackers, often by taking advantage of how new the technology is, meaning security measures may not fully be in place – especially if those developing AI tools want to ensure their product is released ahead of the competition.
For example, attackers can exploit prompt injection vulnerabilities to hijack browser agents with the aim of stealing data or other unauthorised actions. Or, alternatively, Reversec has demonstrated how an AI agent can be manipulated through prompt injection attacks to encourage outputs to include phishing links, social engineering and other ways of stealing information.
“Attackers can use jailbreaking or prompt injection attacks,” says Donato Capitella, principal security consultant at Reversec. “Now, you give an LLM agency – all of a sudden this is not just generic attacks, but it can act on your behalf: it can read and send emails, it can do video calls.
“An attacker sends you an email, and if an LLM is reading parts of that mailbox, all of a sudden, the email contains instructions that confuse the LLM, and now the LLM will steal information and send information to the attacker.”
Agentic AI is designed to help users, but as AI agents become more common and more sophisticated, that’s also going to open the door to attackers looking to exploit them to aid with their own goals – especially if legitimate tools aren’t secured correctly.
“If I’m a criminal and I know you’re using an AI agent which helps you with managing files on your network, for me, that’s a way into the network to deploy ransomware,” says Maor. “Maybe you’ll have an AI agent which can leave voice messages for you: Your voice? Now it’s identity fraud. Emails are business email compromise (BEC) attacks.
“The fact is a lot of these agents are going to have a lot of capabilities with the things they can do, and not too many guardrails, so criminals will be focusing on it,” he warns, adding that “there’s a continuous lowering of the bar of what it takes to do bad things”.
Fighting agentic AI with agentic AI
Ultimately, this means agentic AI-based attacks are something else chief information security officers (CISOs) and cyber security teams need to consider on top of every other challenge they currently face. Perhaps one answer to this is for defenders to take advantage of the automation provided by AI agents, too.
Zacharia believes so – she even built an agentic AI-powered threat-hunting tool in her spare time.
“It was about a side-project I did in my spare time at the weekends – I’m really geeky,” she says. “It was about exploring the world of AI agents because I thought it was cool.”
Cyber attacks are constantly evolving, and rapid response to emerging threats can be incredibly difficult, especially in an area where AI agents could be maliciously deployed to uncover new exploits en masse. That means identifying security threats, let alone assessing the impact and applying the mitigations, can take a lot of time – especially if cyber security staff are doing it manually.
“What I was trying to do was automate this with AI agents,” says Zacharia. “The architecture built on top of multiple AI agents aims to identify emerging threats and prioritise according to business context, data enrichment and things that you care about, then they create hunting and viability queries that will help you turn those into actionable insights.”
That data enrichment comes from multiple sources. They include social media trends, CVEs, Patch Tuesday notifications, CISA alerts and other malware advisories.
The AI prioritises this information according to severity, with the AI agents acting upon that information to help perform tasks – for example, by downloading critical security updates – while also helping to relieve some of the burden on overworked cyber security staff.
“Cyber security teams have a lot on their hands, a lot of things to do,” says Zacharia. “They’re overwhelmed by the alerts they keep getting from all the security tools that they have. That means threat hunting in general, specifically for emergent threats, is always second priority.”
She points to incidents like Log4j, a critical zero-day vulnerability in widely used software that was almost immediately exploited by sophisticated threat actors upon disclosure.
“Think how much damage this could cause in your organisation if you’re not finding these on time,” says Zacharia. “And that’s exactly the point,” she adds, referring to how agentic AI can help to swiftly identify and remedy cyber security vulnerabilities and issues.
Streamlining the SOC with agentic AI
Zacharia’s far from alone in believing agentic AI could be of great benefit to cyber security teams.
“Think of a SOC [security operations centre] analyst sitting in front of an incident and he or she needs to start investigating it,” says Maor. “They start with looking at the technical data, to see if they’ve seen something like it in the past.”
What he’s describing is the important – but time-consuming – work SOC analysts do every day. Maor believes adding agentic AI tools to the process can streamline their work, ultimately making them more effective at detecting cyber threats.
“An AI model can examine the incident and then detail similar incidents, immediately suggesting an investigation is needed,” he says. “There’s also the predictive model that tells the analyst what they don’t need to investigate. This cuts down the grunt work that needs to be done – sometimes hours, sometimes days of work – in order to reach something of value, which is nice.”
But while it can provide support, it’s important to note that agentic AI isn’t a silver bullet that is going to eliminate cyber security threats. Yes, it’s designed to make the task of monitoring threat intelligence or applying security updates easier and more efficient, but people remain key to information security, too. People are needed to work in SOCs, and information security staff are still required to help employees across the rest of the organisation remain alert to, and secure against, cyber threats.
That is especially true as AI continues to evolve and improve: attackers will continue to look to exploit it, and it’s up to the defenders to counter them.
“It’s a cat and mouse situation,” says Zacharia. “Both sides are adopting AI. But as an attacker, you only need one way to sneak in. As a defender, you have to protect the entire castle. Attackers will always have the advantage, that’s the game we’re playing. But I do think that both sides are getting better and better.”
Skip the TSA Line: Where to Find Travel by Bus, Train, and Boat
Every year, without fail, the US experiences at least one major disruption in air travel due to severe weather, government shutdowns, software outages, or power outages—you name it.
Right now, a partial government shutdown has meant that thousands of Transportation Security Administration (TSA) workers have not been paid for several weeks, causing many to call out of work or quit. That has meant long security lines, with waits of more than three hours, and ensuing chaos at airports around the country. It’s unclear how long this mess will last, so it’s worth thinking about other options.
Flights are also expensive and hard on the environment. If you can take a bus, train, or ferry to your destination, why shouldn’t you? These travel search apps help you find routes and prices so you can compare them and make the best decision.
Wanderu
Best for Buses and Trains in the US and Canada
In the US and Canada, Wanderu is my go-to search aggregator for travel by bus or train (it works in Europe and the UK, too). Wanderu is your classic travel aggregator, looking up the schedules and prices across several bus and train operators, including Amtrak, BestBus, Flixbus, Greyhound, OurBus, Peter Pan, RedCoach, Vamoose, and others.
You see price comparisons at a glance, as well as options for upgraded class fares, departure and arrival times, and the location of each bus and train station, since sometimes you can save a lot of time by choosing one point over another. Filters help you narrow down your results based on your preferences, and you can book right from the app.
Omio
Compares Trains, Buses, Flights With Excellent Summaries
If you aren’t sure whether you want to travel by land or air, head to Omio. Type in your departure point, destination, and the date you want to travel, and Omio finds routes by plane, bus, and train. A concise summary at the top of the search results tells you the lowest fare and how long it will take for each mode of transportation, so you can make an informed decision quickly. Omio also shows whether the fare will be higher or lower if you travel on a different day of the same week, in case your dates are flexible.
Rome2Rio
Includes Comparison for Driving
Rome2Rio compares prices and times for travel by bus, train, flight, and driving yourself, based on estimated fuel costs. It works reasonably well for trips in the US and Canada. Rome2Rio touts itself as being for worldwide travel, though Europe and the UK seem to be its sweet spot. Elsewhere, take the approach of “trust, but verify,” and this app will take you places.
Virail
Compares Buses, Trains, and Flights
Virail is similar to Omio, comparing travel options by train, bus, and flight, with a neat summary of prices at the top of the search results, although it lacks the total travel time. For that, you have to scroll through the results. To book a ticket, Virail sends you to other websites, and you might have to do additional legwork to reserve your seat. It works reasonably well in the US and Canada (in testing, it got a little tripped up in Mexico), and does well for travel in Europe and the UK.
Vivanoda
Includes Flight and Carpool
Vivanoda (website only, no app) is similar to Omio, comparing all your options for getting between two points—and it includes flights, ferries, and carpool/rideshare options when applicable. The site operates out of the European Union and seems to work slightly better for travel in Europe and the UK than in the US and Canada, where it has some holes. (It didn’t find a direct flight between San Francisco and Vancouver, for example, even though there is more than one daily.)
Seat 61
Best Old-School Site for Trains and Bus Info Worldwide
Seat61, also known as The Man in Seat 61 (website only), has an old-school look and some of the best, most reliable information about traveling by bus and rail all around the world. Mark Smith, who runs the site, tells you exactly where in the world he knows about the train and bus routes: The site lists all the countries it covers on the left side, everywhere from Albania to Zimbabwe. He shares timetables, prices, and even includes photos, though his site is not a search aggregator, and you do have to go elsewhere to book. That said, it’s an excellent resource.
Lloyds admits coding fault exposed customer transactions | Computer Weekly
Lloyds Banking Group’s response to a request from the UK government’s Treasury Committee shows that a programming error was the root cause of a breach that exposed details of more than 114,000 mobile banking customers.
The bank said it has made goodwill payments totalling just over £139,000 to around 3,625 customers as of 23 March. It said it also submitted a formal notification to the Information Commissioner’s Office within 72 hours after the breach, in line with statutory timelines.
As Computer Weekly has previously reported, on the morning of 12 March, a fault in the Lloyds banking app enabled some customers to see the transactions of other customers. Customers of the group’s Halifax, Bank of Scotland and Lloyds Bank apps were affected by the security breach.
While the bank resolved the breach quickly, Meg Hillier, chair of the Treasury Committee, sent an email to Lloyds Banking Group’s group CEO, Charles Nunn, with the subject line “Improper disclosure of individuals’ account information”. In the email, Hillier described the incident as “an alarming breach of data confidentiality.”
The information she requested from the bank’s boss included details of the breach, how many customers were affected, whether customers could be identified and what steps Lloyds Banking Group has taken to encourage those who may have taken copies of data – to which they were not entitled – to delete those copies.
Jasjyot Singh, CEO of consumer relationships at Lloyds Banking Group, has now responded to the Treasury Committee’s questions. Singh stated that the incident was caused by an IT change made overnight between 11 and 12 March which introduced a software defect.
“The defect meant that when a customer requested to view their current account transactions, their transaction data was potentially visible to other customers who were simultaneously – within small fractions of a second – requesting access to their own transactions,” Singh said.
The bank has now established that the defect was in the design of the code used to update the application programming interface (API) used by the app. Singh said the bank is reviewing why this individual defect was not detected by its design, quality assurance and testing processes.
According to Singh, a maximum of 447,936 customers who viewed their transaction list during the affected time period may have been presented with other people’s transactions or may have had some of their transactions presented on another customer’s transaction list. The bank has estimated that 114,182 customers clicked through to view the detail behind individual current account transactions during that time and may have been presented with information about individual payments.
Singh assured the Treasury Committee that the bank’s fraud and cyber monitoring processes have seen no evidence of misuse or malicious activity as a result of the incident. “Based on our assessment of this incident, we have not identified evidence that customers have suffered financial loss, and no customer has reported a financial loss arising from the incident at this stage. Accordingly, we have not made compensation payments on this basis,” he stated in the letter.
Colt announces subsea, terrestrial network routes | Computer Weekly
Financial services firms, content providers, neocloud companies and hyperscalers are all claimed to be among the primary beneficiaries of a digital infrastructure from Colt Technology Services linking the US West Coast to Asia.
The announcement marks the latest phase of the global digital infrastructure company’s global network expansion, and the investment it made in the infrastructure is said to support customers’ international growth strategies and include a transpacific subsea cable route linking the US and Japan.
Colt says the expansion elevates it from its position as the largest European B2B fibre provider to one of the largest in the world, reinforcing its role as a key player in the global digital infrastructure market.
The enhanced infrastructure is seen by Colt as strengthening its network resilience for organisations – by delivering secure, high‑performance backup and routing options for mission‑critical applications. Congested networks mean lags, delays and service interruptions – expensive setbacks which stall progress.
Colt’s network investment is designed to directly address surging demand driven by AI traffic. The infrastructure is attributed with giving customers greater choice of offerings, performance and cost, especially for busy transpacific routes already under pressure from rising traffic volumes.
As part of the investment, Colt will deliver a transpacific backbone route through Juno – one of the world’s newest and most advanced subsea cable systems – connecting Tokyo, Japan to Los Angeles on the West Coast of the US.
Having come into service in May 2025 and operated by Seren Juno Network Co, the Juno cable is around 11,700km (7,270 miles) long and engineered to deliver up to 350Tbps across 20 fibre pairs, using next-generation Space Division Multiplexing technology. In Japan, it lands at Minamiboso (Chiba Prefecture) and Shima (Mie Prefecture), connecting with Grover Beach, California. It extends to terrestrial points of presence in Tokyo, Osaka, Los Angeles and San Jose.
The Colt network is intended to offer customers a diverse route, connecting Colt’s existing terrestrial networks in Japan and the US and providing greater resilience and higher bandwidth options on transpacific services.
This is said to make the services ideal for businesses with global operations across Asia and the US. Another benefit is said to be an expansion in the global digital footprint, extending its “on-net” capabilities. Colt can connect directly into multiple sites across Tokyo, with on‑net coverage throughout the city’s key metro datacentres.
Commenting on the expansion, Buddy Bayer, chief operating officer of Colt Technology Services, said: “The world’s economies run on digital infrastructure, but there will come a point when existing capacity across some routes isn’t enough. This risks disrupting or even reversing the progress countries have made in connecting markets, organisations and societies. At Colt, we have a deep commitment to solving problems for our customers so they can grow and scale. This investment in our digital infrastructure connecting the US West Coast to Tokyo, Japan not only solves the capacity problem for our customers – it’s also a gateway to global growth.”
News of the new subsea infrastructure comes shortly after Colt announced an expansion and investment into new routes connecting the East Coast of the US to Europe. Specifically, the low-latency routes along the US East Coast and between the US East Coast and Europe are designed to “supercharge” capacity for customers as AI traffic surges across what is said to be the world’s busiest data pathway.
