GenAI Cyber Attacks on the Rise: Gartner
30 Sept 2025
Attacks using Generative AI (“GenAI”) for phishing, deepfakes and social engineering have become mainstream, and attacks on GenAI application infrastructure and prompt-based manipulations are emerging.
These are among the troubling findings of a recent survey of cyber security leaders by Gartner, the technology insights company.
GenAI is a form of artificial intelligence designed to create original content—such as text, images, music, video, or code—based on patterns it learns from existing data. Unlike traditional AI which classifies or predicts, GenAI generates new data that mimics human creativity.
Rise of the Machines
62% of organisations experienced a deepfake attack involving social engineering or exploiting automated processes. These attacks included:
deepfake videos used against automated face biometrics or identity verification (29%);
deepfake audio clips used against automated voice biometrics (32%);
social engineering with deepfake during video calls with an employee (36%); and
social engineering with deepfake during audio calls with an employee (44%).
In addition, 29% of cybersecurity leaders reported that their organisations had experienced an attack on enterprise GenAI infrastructure in the last 12 months. 32% said they experienced an attack on AI applications that leveraged the application prompt during the last 12 months.
Gartner said that chatbot assistants are vulnerable to a variety of adversarial prompting techniques, such as attackers generating prompts to manipulate large language models (LLMs) or multimodal models into generating biased or malicious output.
Emerging Threats
Speaking at a Gartner Security and Risk Management Summit in London, Akif Khan, Gartner’s specialist VP in identity and access management, said: “As adoption accelerates, attacks leveraging GenAI for phishing, deepfakes and social engineering have become mainstream, while other threats — such as attacks on GenAI application infrastructure and prompt-based manipulations — are emerging and gaining traction.”
While 67% of cybersecurity leaders said emerging GenAI risks demand significant changes to existing cybersecurity approaches, Gartner said a more balanced strategy is warranted. “Rather than making sweeping changes or isolated investments, organisations should strengthen core controls and implement targeted measures for each new risk category,” Khan said.
MFT vs GenAI
One such core control is a Managed File Transfer (MFT) solution, such as GoAnywhere MFT. It should be among an organisation’s first lines of defence.
Managed File Transfer (MFT) solutions play a critical role in defending organisations against deepfake phishing and social engineering by enforcing secure, authenticated channels for data exchange.
Unlike ad hoc file sharing methods that can be easily exploited, MFT platforms integrate multi-factor authentication (MFA), encryption, and access controls to ensure that only verified users can initiate or receive transfers. This mitigates the risk of attackers impersonating trusted individuals using deepfake audio or video to trick employees into sharing sensitive files.
Additionally, robust MFT systems include audit trails and automated alerts which help security teams detect anomalous behaviour — such as unusual file requests or access patterns — that may indicate social engineering attempts. By centralising and securing file movement, MFT reduces the attack surface and strengthens organisational resilience against increasingly sophisticated deception tactics.
Local Expertise Available
At Generic Systems Australia we’re Australia’s and NZ’s experts in deploying Managed File Transfer solutions. We’ve assisted businesses of all sizes to protect their customer data and secure their file transfers, while keeping their operations running smoothly.
If you’d like to discuss how we can help you, please feel welcome to contact me. I’m always happy to have an obligation-free chat and explain how simply we can help you maintain your customers’ trust.