AI Fuels 'Industrial' Cybercrime as Time-to-Exploit Shrinks to Hours
SecurityWeek, Thursday, April 30th, 2026
AI and automation are accelerating cybercrime operations, reducing time-to-exploit from weeks to hours and forcing defenders to match criminal efficiency with AI-powered defense.
Cybercriminals are leveraging AI-enabled tools like WormGPT, FraudGPT, and APEX AI to conduct sophisticated attacks at machine speed, while automated scanning and darknet data sharing create an efficient criminal supply chain.
The industrialization of cybercrime has collapsed the traditional time-to-exploit window from nearly a week to 24-48 hours for critical vulnerabilities, with some exploits now occurring within hours of disclosure.
Ransomware remains the most profitable attack vector, with 7,831 confirmed victims globally in 2025, primarily concentrated in the US, Canada, and Europe. FortiGuard warns that defenders must match criminal AI and automation speed through identity-centric detection, exposure reduction, and machine-speed response capabilities. The report indicates that the global attack surface is already mapped and maintained in operational readiness by threat actors.