What happened
Anthropic's Frontier Red Team analyzed 832 accounts banned for malicious cyber activity between March 2025 and March 2026, mapping 13,873 observed actions across all 14 MITRE ATT&CK tactics and 482 unique sub-techniques. The study introduces the AI Risk Enablement Score (ARiES) — a composite risk-scoring framework measuring threat-actor profile, model contribution, and observed impact.

The headline finding: 'the percentage of actors labeled as being medium risk or higher jumped from 33% to 56% between the first and second halves of the year,' indicating AI is materially elevating attacker sophistication at scale. The analysis also concludes that traditional risk-assessment signals (number of techniques used, platform choice) no longer reliably distinguish high- from low-risk actors, because AI now performs complex post-compromise tasks on behalf of less-skilled operators. A third major finding is that the MITRE ATT&CK framework does not yet capture the AI-specific orchestration behaviors — such as autonomous chaining of attack stages — that define the highest-risk actors.

Anthropic partnered with Verizon to include a subset of these results in the 2026 DBIR, and the full interactive LLM ATT&CK Navigator is published at red.anthropic.com.
Why it matters
This is the first large-scale empirical study from a frontier AI lab mapping AI-enabled real-world attacks to a major security taxonomy; it directly challenges how CISOs and security teams assess and prioritise threat actors, and provides a reference dataset for updating detection logic and security frameworks.
Action needed
Brief your threat intelligence and SOC leadership on the ARiES scoring model and the finding that post-compromise technique concentration — not breadth — is now the stronger indicator of high-risk actors; review whether your detection rules and threat-tiering criteria are calibrated for AI-enabled orchestration rather than legacy skill-proxy signals.