Available Infrastructure wordmark logo

IBM cyber report finds critical sectors and AI models threatened by AI-driven attacks

August 13, 2025
city high rise buildings during daytime

AI adoption is swiftly outpacing security and governance — leaving organizations in high-risk industries like healthcare, energy, industrial, financial, government, manufacturing, and transportation and logistics increasingly exposed to expensive, dangerous, and disruptive data breaches. The US government's Cyber Threat Snapshot from November 2024 shows that cyber attacks on critical infrastructure were up 30% globally last year.

While traditional cyberattacks continue to play out, a concerning new theme is fast emerging: AI as both a tool for attack and a target of those attacks.

According to IBM’s new Cost of a Data Breach Report 2025, 1 in 6 data breaches involve AI-driven attacks, most often phishing or deepfake impersonation attacks. The 2025 report also shows that weak cybersecurity around organizational AI use is actively being exploited. More than 1 out of every 8 attacks are now targeting AI models and apps themselves — a number that’s rising as AI becomes a high-value target.

Five key themes in today’s AI-related data breaches

The 2025 report, conducted by Ponemon Institute and sponsored and analyzed by IBM, is based on data breaches experienced by 600 organizations globally from March 2024 through February 2025. Here are five key themes revealed in the report:

  1. All sectors are at risk. Healthcare, financial, industrial, energy, and technology are all experiencing more breaches — and those breaches are getting costlier.
  2. Attacks are targeting AI models. As more organizations adopt AI, their AI models are becoming the focus of cyber threats. Security incidents that targeted AI models and applications were varied, but one type clearly claimed the top ranking: supply chain compromise, which includes compromised third-party apps, APIs, and plug-ins. Other prevalent forms of attacks on AI systems include: model inversion, which aims to learn sensitive information about the model itself, such as its weights or training data; model evasion, which manipulates input data to deceive a model into producing a desired output or outcome; prompt injection, which manipulates a model’s behavior by inserting hidden or malicious instructions into its input; and data poisoning, which corrupts a model by tampering with the data it learns from.
  3. Consequences are mounting. Nearly all organizations suffered operational disruption following a breach. Then there’s the financial and reputational impact. The three biggest attack vectors — phishing, supply chain compromise, and malicious insiders — each come with a cost per breach close to $5 million. Meanwhile, nearly 1 in 5 businesses experienced reputational damage and loss of goodwill due to an AI-related breach.
  4. 97% of companies that experienced an AI-related incident lack basic AI access controls. The overwhelming majority of organizations have no regulations or policies governing how people use AI across the enterprise. This makes organizational intellectual property (IP) data an easy target, especially in environments with lax access controls, over-permissioned accounts, limited visibility into who can access what, and use of shadow AI by employees.
  5. Most breaches targeted company IP and customer data. One-third of cyberattacks targeted company IP. More than half targeted customer PII. Moreover, roughly one-third of organizations that experienced an incident reported loss of data integrity due to an incident involving an AI model or app.

Why national-security grade protection is more important than ever 

While AI is both a tool hackers are using and a target of their attacks, AI is also a part of defense against those attacks.

As IBM’s recent report found, strategic AI deployment is critical for cyber protection and response — enabling faster identification, containment, and lower breach costs. Using AI and automation across operations like prevention, detection, investigation, and response saved $1.9 million in average breach costs and reduced the breach lifecycle by ~80 days. This represents a 28% decrease in mean time to identify (MTTI) + mean time to contain (MTTC).

But the best cybersecurity approaches go above and beyond AI, using zero trust architecture to prevent breach in the first place, keep AI models secure, and avoid operational disruption. “It’s not just about dollars. It’s downtime, reputation, lost trust,” said Jeff Crume, Senior Engineer, IBM. “And the fact is that many of these breaches are preventable.”

As an IBM Platinum Partner, we know that achieving a secure zero-trust posture is not optional — it’s critical for the implementation of trusted enterprise AI. With our fully pre-integrated Platform-as-a-Service, SanQtum, organizations across the public and private sector can achieve rapid, maximum protection in today’s fast-changing threat landscape. 

Image: Unsplash | Sean Pollock