If the downfall of society arrives not with the roar of missiles but the ping of an email, we’ll know exactly why. Artificial intelligence, once hyped as humanity’s digital guardian angel, is now being used to create believable lies, clone trusted voices, and outthink humans in the most personal ways. But make no mistake—the bots didn’t do this alone. We practically held the door open for them.
A recently published security briefing pulls back the curtain on this unsettling transformation. AI-powered tools are now being used by bad actors to simulate real people, forge convincing video calls, and create fraudulent voice messages. We’ve reached a point where video “evidence” and phone conversations are no longer reliable. Criminals can manufacture high-fidelity imitations of CEOs giving orders, resulting in multi-million dollar frauds. It’s not fiction anymore—it’s Tuesday in the digital trenches.
AI phishing attacks have evolved, too. These aren’t your grandma’s scams promising an inheritance from a long-lost prince. Today’s phishing emails are tailored with surgical precision using your digital footprint. They read like your boss. They reference actual workplace projects. They arrive at times when you’re distracted or stressed. All because AI knows you better than you know yourself.
Still, even this powerful machine deception wouldn’t get far without our help. As NinjaOne’s cybersecurity report shows, a staggering 95 percent of all breaches trace back to plain human error. This isn’t just about falling for scams—it’s the whole spectrum of boneheaded decisions, from bad password hygiene to leaving systems unpatched for months.
We are our own worst enemy. The IT manager who never bothered to disable remote access after onboarding. The employee who uploads confidential documents to a public drive. The contractor who uses the same password for every tool. These aren’t hackers at work. These are insiders holding the match next to a digital powder keg.
All of this is unfolding against a backdrop of systemic vulnerability. While the Biden administration previously acknowledged the need for more cybersecurity professionals, little material improvement followed. In what is now being dubbed the “DOGE Era,” resources are dwindling while risks multiply. Government cybersecurity efforts are hampered by a lack of funding, talent, and nimbleness.
And that’s the harsh truth: the cavalry is not coming. Washington is still tangled in bureaucracy. Federal agencies are under-resourced and overtasked. Private businesses and individuals can no longer expect a protective umbrella from the government. Cybersecurity has officially become a DIY responsibility.
So where do we go from here? First, we need to admit that people—not AI—are the primary problem. That means building a cybersecurity culture that addresses user behavior as seriously as it does network infrastructure. Every organization must engage in realistic threat simulations and regular training to keep employees sharp and alert.
Second, we must embrace AI’s defensive capabilities. The same tech that criminals are using to breach systems can be deployed to protect them. Predictive analytics, real-time monitoring, and automated threat response tools can reduce the burden on human analysts and stop cyber threats in their tracks.
Third, cyber literacy must become part of everyday life. Just as we teach children to look both ways before crossing the street, we should be teaching them how to spot a too good to be true money-related phishing attempt, manage a password manager, protect social media credentials, and think twice before indiscriminantly clicking on just anything.
Cybersecurity cannot be the responsibility of IT alone. It belongs to HR, to accounting, to operations, to every individual with a device and a login that can potentially download a sketchy app onto an enterprise network. Organizations that fail to distribute this responsibility will continue to be blindsided by the same predictable mistakes.
We must also acknowledge that the AI arms race is far from over. As new threats emerge, we’ll need adaptable frameworks, updated policies, and agile leadership. Businesses must invest in AI literacy among executives so that they can make informed decisions about risk, compliance, and strategy.
Lastly, we need to shed the idea that digital disasters are inevitable. They’re not. They’re preventable. They require focus, discipline, and a willingness to put security ahead of convenience. If that sounds difficult, consider the alternative: shuttered operations, ruined reputations, and a society slowly losing trust in its own technology.
The end won’t come because AI outsmarted us. It’ll come because we couldn’t be bothered to secure our own systems or the government failed to provide adequate AI oversight. And if that’s our future, it won’t be one stolen from us—it’ll be one we handed over willingly.
Julio Rivera is a business and political strategist, cybersecurity researcher, founder of ItFunk.Org, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, is regularly published by many of the largest news organizations in the world.
Join the conversation as a VIP Member