IBM warns AI & quantum threats will reshape cybercrime

IBM has outlined cybersecurity trends it expects to shape 2026, focusing on unmanaged use of artificial intelligence, the growing role of autonomous software agents in attacks, and the longer-term impact of quantum computing on cryptography.

The forecast frames AI as both a threat vector and a defensive tool. It highlights risks from staff and teams deploying unapproved AI models in cloud environments, as well as attacks that target large language model workflows. It also warns that quantum computing will eventually undermine widely used encryption methods, increasing the urgency of adopting post-quantum cryptography.

Shadow AI

Unapproved "shadow AI" use stands out as a direct cost driver in data breaches. IBM cited its Cost of a Data Breach findings, which estimate an additional USD $670,000 for breaches involving shadow AI compared with incidents that did not.

The outlook links this exposure to gaps in internal controls. It reports that 60% of organisations lack an AI governance or security policy, increasing the likelihood that models will be adopted without assessing data handling, access permissions, or broader operational impact.

Broader AI deployment also increases the attack surface. The report highlights prompt injection as a persistent weakness for large language models. According to the briefing, the Open Worldwide Application Security Project ranks prompt injection as the top vulnerability for such systems, and it has held that position across multiple editions of OWASP guidance.

Defenders are also using AI for detection and response. Security tools increasingly apply AI-driven methods to identify and block evolving prompt injection attempts, the briefing notes.

Autonomous agents

Autonomous AI agents are a major theme, with risks grouped into two categories: attacks on agents and attacks by agents. The analysis argues that agents can accelerate incidents because they may take actions without human review after ingesting information from email, chat tools, and other data sources.

One scenario involves "zero-click" attacks that hide indirect prompt injections inside emails. When an agent automatically processes and summarises a message, it can follow embedded malicious instructions and exfiltrate data without user approval.

Agents also expand the number of "non-human identities" inside organisations, the forecast says. Because agents require access rights and can spawn new agents, the number of identities requiring governance grows. This adds complexity to access management and increases the risk of excessive privileges and escalation paths.

On the attacker side, autonomous agents are increasingly used to automate stages of the cyberattack lifecycle. The outlook says criminals can use agents to generate highly personalised phishing emails, and to rapidly create polymorphic malware that changes behaviour and signatures, making detection harder.

The forecast also describes end-to-end ransomware operations that use automation for code writing, extortion messaging, exploit deployment, and ransom collection. It says this combination lowers the skill and time barriers for complex attacks.

Deepfakes surge

The report describes a sharp rise in deepfakes and other synthetic media used for social engineering. It cites security observations showing a 1,500% increase in logged instances, from 500,000 in 2023 to 8 million in 2025.

It takes a pessimistic view of detection tooling, arguing that investment in deepfake detection will not keep pace with improvements in generation tools. Instead, it recommends assuming deepfakes will be common and focusing on staff training that emphasises verifying unusual requests and scrutinising what action is being requested.

Quantum deadline

Quantum computing appears in the forecast as a strategic risk that extends beyond AI-enabled attacks. The analysis describes a future point, sometimes called "Q-Day", when quantum machines reach sufficient scale to break conventional cryptography.

A particular concern is "harvest now, decrypt later" activity, in which attackers steal encrypted data today with the expectation they can decrypt it once quantum systems mature. The briefing says awareness of this threat grew through 2025, but deployments of countermeasures remain limited. It urges organisations to implement quantum-safe, or post-quantum, cryptography.

Passkeys adoption

The outlook also flags passkeys as a practical alternative to passwords, describing them as resistant to phishing. It points to industry backing through the FIDO Alliance, which includes Amazon, Google, Microsoft, and Target.

IBM cited a report finding that 93% of accounts at participating organisations were eligible for passkeys, while one-third of individuals had enabled them. It also referenced internal deployment experience that it said reduced credential theft, while noting phishing as a leading cause of breaches.

Wider implications

Beyond cybersecurity, the forecast argues that AI adoption will drive broader changes across sectors. It says education systems will need to adjust to widespread AI use, while creative industries such as marketing and music are already seeing AI-generated content and projects become commonplace.

The briefing also points to AI-written code at increasing scale and suggests demand for traditional programming roles could fall over time.