AI Will Drive Scalable Cyberattacks in 2026: Google Cloud

Google Cloud projects that AI-driven cyberattacks will scale over 2026, impacting manufacturing, retail, and finance sectors tied to global supply chains. Rising risks around AI agents, hypervisors, and third-party providers increase exposure to extortion, IP loss, and regulatory non-compliance, requiring stronger identity and infrastructure controls.

By 2026, AI will transition from an exceptional tool to the operational norm for cyber adversaries, enabling automated attacks at a massive scale, says Google Cloud Security. This transformation, alongside the exploitation of hypervisors and critical supply chains, redefines security priorities for enterprises in Mexico and the Latin American region.

“Organizations must be prepared for the threats and the adversaries that leverage AI,” says Jon Ramsey, Vice President and General Manager, Google Cloud Security. This warning is relevant for the Latin American market, where the rapid adoption of AI agents without robust controls creates significant risks for compliance and the protection of intellectual property.

According to Google Cloud’s Cybersecurity Forecast for 2026 report, during the first quarter of 2025, 2,302 victims were listed on data leak sites, which represents the highest figure recorded in a single quarter since tracking began in 2020. This volume confirms a mature cyber extortion ecosystem that increasingly utilizes specialized tactics, such as targeting third-party providers and exploiting zero-day vulnerabilities in managed file transfer software. 

For economies integrated into global supply chains, like Mexico, these trends have immediate financial consequences. Incidents in 2025 involving food retail and wholesale supply chains caused damages valued at hundreds of millions of US dollars.

The Shift Toward AI-Normative Adversarial Operations

Google Cloud’s report reveals that adversaries can leverage AI to improve the speed, reach, and effectiveness of operations involving social engineering and malware development. A significant threat in 2026 is instruction injection, a cyberattack that manipulates AI models to omit security protocols and follow hidden commands from an attacker. 

To defend against these attacks, organizations must implement a defense-in-depth approach. This includes the use of machine learning content classifiers to filter malicious instructions, security thought reinforcement to keep models focused on user intent, and strict output cleaning for high-risk actions.

Social engineering will reach new levels of sophistication through the use of highly manipulative, AI-based vishing. Actors like ShinyHunters, also known as UNC6240, are expected to accelerate the use of AI-driven voice cloning to create hyper-realistic impersonations of executives or information technology personnel. These personalized and scalable attacks bypass traditional security tools by focusing on human weaknesses rather than the technological stack.

Evolution of Identity and Access Management for Digital Agents

The rapid adoption of AI agents to execute workflows and make decisions is expected to pose challenges for traditional security implementations. By 2026, reports Google Cloud, the concept of identity will expand to treat AI agents as distinct digital entities. This shift requires a transition from conventional human authentication toward agent identity management.

The new security paradigm will utilize adaptable systems to evaluate risks continuously and adjust access based on the specific context. Organizations must follow the principle of least privilege and implement just-in-time access. These measures provide temporary, task-specific permissions and a solid chain of delegation to minimize the possibility of unauthorized actions. 

Furthermore, the proliferation of sophisticated agents will aggravate the problem of “Shadow AI,” evolving into “unauthorized agent use.” Employees may deploy autonomous agents independently, creating invisible pipelines for sensitive data that could lead to breaches or compliance violations.

Systemic Risks in Enterprise Virtualization and Infrastructure

As security controls mature within virtualized operating systems, threat actors are shifting their focus toward the underlying virtualization infrastructure. The hypervisor has become a critical blind spot due to several factors: a lack of visibility for endpoint detection and response systems, the persistence of obsolete software versions, and the prevalence of insecure default configurations.

Google Cloud highlights that a single breach at the hypervisor level can grant an adversary control over the entire digital estate of a corporation. Attacks targeting the hypervisor enable the massive encryption of virtual machine disks, which results in enterprise-wide operational paralysis. 

The speed of this attack vector is a determining factor; adversaries can disable hundreds of systems in hours, whereas traditional ransomware campaigns often take days or weeks to spread through a network. 

Operational Technology and Industrial Control Systems

For 2026, the primary threat to industrial control systems and operational technology will remain cybercrime. Adversaries are expected to design ransomware operations to target foundational enterprise software, such as enterprise resource planning systems. Compromising this layer disrupts the data supply chain essential for industrial operations, forcing victims to make rapid payments.

“Defenders must prioritize network segmentation to isolate operational technology from information technology networks,” reads the Google Cloud Cybersecurity Forecast for 2026. “All remote access must be secured with multi-factor authentication and the principle of least privilege.”

To ensure recovery, the company notes that corporations should implement immutable, offline backups of industrial configuration parameters and fundamental business data.

Geopolitical Landscape and Nation-State Activities

“Nation-state adversaries will continue to infiltrate organizations and remain in the victims’ environments for a long time,” says Charles Carmakal, Chief Technology Officer, Mandiant Consulting.

According to Google Cloud report, United States adversaries will continue to infiltrate organizations and maintain long-term persistence. Meanwhile, operations in Russia are expected to pivot from short-term tactical support for the conflict in Ukraine toward long-term global strategic objectives. This includes building advanced cyber capabilities and establishing strategic footholds in international critical infrastructure.

Google Cloud reports that the volume of Chinese cyber operations will continue to exceed that of other nations. Threat actors will likely target edge devices, exploit zero-day vulnerabilities, and focus on third-party providers, argues the company. The semiconductor sector is a specific area of interest due to competition and export restrictions.

The report adds that regional tensions in Iran will drive increased cyber espionage and disruptive attacks against Israel and its allies. Iranian capabilities will remain multi-faceted, blurring the lines between espionage, hacktivism, and economically motivated activities, says Google Cloud.

Finally, in North Korea, primary goals remain revenue generation and traditional espionage. Actors will intensify attacks against cryptocurrency users and organizations. North Korean information technology workers will continue to expand globally to bypass law enforcement pressure and generate direct economic gains through network access abuse, Google Cloud reports.

The Blockchain Economy and Web3 Threats

As the financial sector adopts cryptocurrencies and tokenized assets, criminal actors will exploit the decentralization and immutability of blockchain technology. By 2026, malicious operations may migrate fundamental components of their lifecycle, such as command and control systems, to public blockchains. Techniques like EtherHiding will be used for payload delivery, explains Google. 

“We expect to see more cases of ransomware and extortion,” says Sandra Joyce, Vice President, Google Threat Intelligence. “This problem will continue and increase in 2026… Organizations must adapt their security postures to protect against these emerging threats and ensure operational resilience.”