How AI is revolutionizing cybersecurity: Israeli company Intezer's breakthrough discovery

An Israeli cybersecurity company has shed new light on how artificial intelligence is reshaping both cyber defense and cyber espionage, following its discovery of a sophisticated AI-driven spy campaign targeting Russian defense technology firms.

Speaking on the Defense and Tech podcast, Itai Tevet, CEO of Tel Aviv-based Intezer, described how the company uncovered a campaign that used AI-generated Russian language decoys, including realistic-looking documents and invitations, to lure victims into opening malicious files. The campaign, which Intezer observed in the wild rather than disrupting directly, appeared to be linked to a group associated with Ukraine, highlighting the growing role of AI in geopolitical cyber operations.

Tevet explained that the discovery reflects a broader shift in the cyber threat landscape, where attackers increasingly use generative AI to scale personalization and credibility. According to him, AI has dramatically lowered the barrier for sophisticated social engineering, allowing attackers to generate thousands of convincing messages in minutes rather than relying on skilled human operators.

At the same time, Tevet argued that AI is offering a long-awaited solution to one of cybersecurity’s most persistent problems, the overwhelming volume of security alerts faced by enterprise defense teams. Security operations centers often receive hundreds or even thousands of alerts daily, forcing analysts to ignore large portions of them.

Intezer’s AI-driven platform, he said, reduces alert volumes to a fraction of their original size while still reviewing low-severity alerts that can hide real threats.

Tevet stressed that AI is not replacing human analysts, but shifting their role. While routine alert triage can be offloaded to technology, human expertise remains essential for strategic decision-making and incident response.

Looking ahead, Tevet warned that as AI infrastructure continues to advance, the cyber arms race will accelerate. Expanding attack surfaces, from cloud systems to connected devices, combined with faster scaling on both offense and defense, are likely to define the next phase of global cybersecurity competition.