AI-Powered Cyber Threats: What Edinburgh Businesses Need to Know in 2026
This guide to AI cyber threats for Edinburgh businesses explains what works, what doesn’t, and where to start. The cyber threat to UK businesses changed fundamentally the moment large language models became freely available. It was not a gradual shift – it was a step change. Attackers who previously needed weeks to craft a convincing spear-phishing campaign can now produce hundreds of personalised, grammatically flawless emails in under an hour. The NCSC’s Annual Review 2025 confirmed what security practitioners had been seeing on the ground: the volume of nationally significant cyber incidents in the UK rose to 204 in the year to August 2025, more than double the 89 recorded the previous year. For Scottish businesses – many of which assume they are too small or too regional to attract serious attention – the message is blunt: the threat has arrived, and the old defences no longer hold.
TL;DR: AI has removed the skill barrier for cyber attackers. UK phishing click rates trebled in 2024 (Infosecurity Magazine / Zscaler data), deepfake fraud losses exceeded $200 million in Q1 2025 alone, and the NCSC now classes AI-assisted attacks as a near-certain near-term threat to all UK business sizes. The game has changed – your controls need to change with it.
1. The Three Ways AI Has Changed the Threat Landscape
According to the National Cyber Security Centre (NCSC 2025), artificial intelligence will almost certainly increase the volume and impact of cyber attacks over the next two years. Local businesses must shift away from static antivirus signatures toward AI-driven behavioural monitoring to detect the subtle anomalies created by these automated tools.
DSIT-linked analysis shows phishing remains the most disruptive cyber threat, affecting 85% of businesses that experienced a breach or attack, and AI is making those lures harder to spot. The debate about whether AI makes cyber attacks “worse” misses the point. The real change is structural, operating along three axes: speed, scale, and personalisation.
On speed: tasks that previously required a skilled attacker to spend days on reconnaissance – scraping LinkedIn, reading annual reports, mapping supplier relationships – can now be completed by an LLM in minutes. On scale: the same AI pipeline that crafts one convincing email can craft ten thousand, each one individually tailored to a named target at a specific company. On personalisation: LLM-generated messages no longer carry the telltale grammar errors and generic requests that security awareness training has taught people to spot.
The NCSC’s 2024 assessment was unambiguous: GenAI and large language models will make it difficult for everyone, regardless of their level of cyber security understanding, to assess whether an email or password reset request is genuine. That is not a warning about a future threat – it is a description of the present.
2. AI-Powered Phishing: Why Your Staff Can No Longer Spot the Obvious Signs
43% of businesses are already using AI, and cybercriminals are adopting these same tools at scale, according to UK business (2026). Attackers now use AI to scrape local LinkedIn data to craft hyper-targeted spear-phishing emails. Your staff must be trained to recognise behavioural anomalies, not just spelling mistakes.
Traditional phishing awareness training rested on a set of heuristics that made intuitive sense: look for poor grammar, generic greetings, urgency, unexpected attachments. Those heuristics are now largely obsolete. An LLM given a target’s name, employer, job title, and a few publicly visible LinkedIn posts can generate a spear-phishing email indistinguishable from genuine internal communications – right down to the tone the target’s actual manager uses.
The numbers are difficult to dismiss. Controlled research published in 2024 found that LLM-generated phishing emails achieved a 54% click-through rate compared to 12% for human-written phishing – a 4.5× improvement in attacker effectiveness (Vectra AI / Harvard study, 2024). In the real world, enterprise phishing click rates nearly tripled during 2024 alone, according to data published by Infosecurity Magazine citing Zscaler telemetry. Over eight in every thousand enterprise users clicked a phishing link each month – a figure that sounds small until you multiply it across a 200-person Edinburgh professional services firm.
3. Deepfake Fraud: The £25 Million Wake-Up Call
Recent threat intelligence reporting (2025) found that deepfake audio and video spoofing attacks designed to bypass financial authorisation controls have surged by over 300%. Your finance teams can no longer rely solely on voice recognition over the phone to authorise wire transfers; strict multi-channel verification protocols are now mandatory.
The incident that crystallised the deepfake threat for corporate finance teams happened in February 2024 – and it involved a British company. Arup, the global engineering firm behind the Sydney Opera House, lost $25 million (approximately £20 million) after a finance employee in its Hong Kong office was tricked during a video conference call. Every other participant on that call – including the apparent CFO – was a deepfake. The employee had initially suspected a phishing email but joined the video call precisely because it seemed to confirm the request was legitimate.
That case was not a one-off. Financial losses from deepfake-enabled fraud exceeded $200 million in the first quarter of 2025 alone (ScamWatch HQ / Deep Strike research). In the UK, £6.9 million was lost to deepfake CEO impersonation in the first half of 2023 – and the technology has advanced significantly since that figure was recorded. Voice cloning is now achievable with as little as three seconds of audio and produces an 85% voice match to the original speaker.
The practical implication for Edinburgh businesses is straightforward but underappreciated: any process that authorises a payment, a data disclosure, or a system access change based on a phone call or video call alone is now a single point of failure. The technology to impersonate your CEO in real time is not expensive or difficult to obtain.
4. AI-Generated Malware: What the Security Community Is Seeing
The National Cyber Security Centre (NCSC 2024) has been measured but clear on this topic. Its 2024 assessment stated that AI has the potential to generate malware capable of evading current security filters – but crucially, only if trained on quality exploit data. The near-term advantage does not lie in AI producing entirely novel attack types; it lies in AI accelerating the development and adaptation of existing ones.
What security researchers and vendors are observing in practice is more granular. AI is being used to automate reconnaissance, identify exploitable vulnerabilities in target systems, adapt malware to evade specific endpoint detection tools, and process exfiltrated data rapidly. The NCSC’s 2025 follow-up assessment projected that by 2027, AI-enabled tools will almost certainly enhance threat actors’ ability to exploit known vulnerabilities at scale – meaning the lag time between a vulnerability being published and attackers weaponising it is shrinking.
There is also a newer threat category worth watching: prompt injection attacks on AI systems embedded in business workflows. The NCSC warned in late 2025 that prompt injection may never be fully mitigated, and could drive a wave of data breaches as more businesses connect LLMs to sensitive back-end systems. Any Edinburgh business that has deployed an AI assistant with access to customer data, financial records, or internal communications should treat prompt injection as a live risk today, not a future consideration.
5. What Edinburgh SMEs Should Actually Do About It
The DSIT Cyber Security Breaches Survey (2025) shows that the instinct when confronted with a threat this broad is to reach for technology. Better firewalls. Advanced endpoint detection. AI-powered email filters. These are all worthwhile – but the most cost-effective control available to a mid-sized Edinburgh business is not technical. It is procedural.
The technical layer still matters. Three controls deliver disproportionate value:
Multi-factor authentication (MFA): Enforcing MFA across all cloud services, particularly Microsoft 365 and Google Workspace, removes the most common route into business email accounts. Phishing for credentials is far less useful when credentials alone do not grant access.
Advanced email filtering: Standard spam filters do not catch LLM-generated spear phishing. Cloud email platforms now offer AI-powered behavioural analysis that flags anomalous communication patterns – this is worth enabling even if it increases false-positive rates initially.
Endpoint detection and response (EDR): Traditional antivirus that relies on known malware signatures is insufficient against AI-adapted variants. EDR tools monitor behaviour rather than signatures and are now accessible at SME price points.
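The channel-level checks a mail filter can apply however fluent a message reads, as an added example that is not part of the original article. It assumes your receiving mail server stamps an Authentication-Results header; the domain, the executive names and both sample messages are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

OWN_DOMAIN = "example-firm.co.uk"                # assumption: your mail domain
PROTECTED_NAMES = {"alex morgan", "sam patel"}   # hypothetical CEO / CFO names
DMARC_RE = re.compile(r"\bdmarc=(\w+)", re.I)

def domain_of(header_value):
    """Lower-cased domain of the address in a From or Reply-To header ('' if absent)."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def channel_signals(raw_message):
    """Return sender-channel warnings; the wording of the message is never inspected."""
    msg = message_from_string(raw_message)
    signals = []
    # 1. DMARC verdict from the first Authentication-Results header; spf=pass alone proves nothing about From.
    verdict = DMARC_RE.search(msg.get("Authentication-Results", ""))
    if not verdict or verdict.group(1).lower() != "pass":
        signals.append("dmarc=" + (verdict.group(1).lower() if verdict else "missing"))
    # 2. A protected display name on an address outside our own domain.
    name, _ = parseaddr(msg.get("From", ""))
    from_dom = domain_of(msg.get("From"))
    if name.strip().lower() in PROTECTED_NAMES and from_dom != OWN_DOMAIN:
        signals.append("executive-name-from-external-domain")
    # 3. Replies diverted to a different domain than the visible sender.
    reply_dom = domain_of(msg.get("Reply-To"))
    if reply_dom and reply_dom != from_dom:
        signals.append("reply-to-domain-mismatch")
    return signals

# Constructed sample: fluent wording, but every channel check fails.
SPOOFED = """\
Authentication-Results: mx.example-firm.co.uk; spf=pass smtp.mailfrom=relay.example.net; dmarc=fail
From: "Alex Morgan" <alex.morgan@example-firm-co-uk.example>
Reply-To: accounts@payments.example.org
Subject: Updated bank details for Friday's supplier run

Hi Jo, please use the new account details below for this week's payment.
"""
# Constructed sample: genuine internal mail.
GENUINE = """\
Authentication-Results: mx.example-firm.co.uk; dkim=pass; dmarc=pass
From: "Alex Morgan" <alex.morgan@example-firm.co.uk>
Subject: Board pack
"""

print(channel_signals(SPOOFED), channel_signals(GENUINE))
```

A message that raises any of these signals and asks for a payment or access change is a candidate for the independent-channel verification described in this section, whatever its tone or grammar.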
The human layer requires more thought than a single annual training session. Effective training in 2026 needs to move away from “spot the typo” and towards “verify the channel.” Staff need to understand that any communication requesting an action – particularly one involving money, data, or system access – should be verified through an independent channel before action is taken.
6. The Regulatory Dimension: AI Threats and Your FCA/ICO Obligations
AI-enabled attacks do not create new laws, but they do materially change the risk profile underpinning existing obligations (the DSIT Cyber Security Breaches Survey, 2025). UK businesses handling personal data are required under UK GDPR to implement appropriate technical and organisational measures to protect that data. A breach facilitated by an AI phishing attack that succeeded because staff training was not updated to reflect current threat realities is still a breach – and the ICO will ask what controls were in place.
For FCA-regulated firms in Edinburgh – financial advisers, mortgage brokers, investment managers – the bar is explicitly higher. The FCA’s operational resilience framework requires firms to identify their important business services, set impact tolerances for disruption, and demonstrate they can remain within those tolerances during a severe but plausible scenario. An AI-enabled BEC (business email compromise) attack resulting in a significant payment fraud, or a ransomware attack disabling client-facing systems, falls squarely within that scenario set.
Senior Manager accountability (under the Senior Managers and Certification Regime) means that responsibility for cyber resilience sits with named individuals, not with “the IT department.” If an Edinburgh financial services firm suffers a significant AI-enabled breach and an SMCR review finds no evidence that AI threat evolution was considered in the firm’s risk assessment, the responsible Senior Manager faces personal regulatory exposure. That concentrates minds in a way that general security awareness campaigns do not.
The practical step here is straightforward: ensure your cyber risk register is reviewed at least annually and explicitly addresses AI-enabled threat vectors. Document the decision – not just the outcome.
Quick Comparison
| Security Control | Cost | Breach Prevention Impact | Priority |
|---|---|---|---|
| MFA on all accounts | Free (M365) | Blocks 99.9% of credential attacks | Critical |
| Email filtering + SPF/DKIM | Included in M365 | Reduces phishing by 70% | Critical |
| Endpoint detection (EDR) | From $5/user/month | Detects lateral movement | High |
| Staff security training | From $3/user/month | Reduces click-through by 65% | High |
Frequently Asked Questions
Are AI cyber attacks actually hitting Scottish businesses?
Yes. The UK Cyber Security Breaches Survey 2025 recorded that 43% of UK businesses experienced a breach or attack in the preceding 12 months – approximately 612,000 businesses nationally. Phishing, the attack type most directly enhanced by AI, remained the most prevalent form, experienced by 85% of affected organisations. Scottish businesses are not insulated from national trends, and sectors concentrated in Edinburgh – financial services, legal, professional services, public sector – are among the most targeted.
What is a deepfake fraud attack?
A deepfake fraud attack uses AI-generated audio or video to impersonate a trusted person – typically a CEO, CFO, or supplier contact – in order to authorise a fraudulent payment or disclosure of sensitive information. In the Arup case (February 2024), attackers generated real-time video deepfakes of multiple colleagues to convince a finance employee to transfer $25 million. Voice-only deepfakes are cheaper and more common: attackers clone a known voice from publicly available audio and call finance or operations staff with urgent payment requests.
How do I protect my business from AI-powered phishing?
The most effective combination is: enforce MFA on all cloud accounts to limit the impact of stolen credentials; deploy advanced AI-based email filtering; implement mandatory call-back verification for any payment request or sensitive access request regardless of how the initial request arrives; and update staff training to focus on channel verification rather than content analysis. The old advice – look for poor grammar and generic salutations – is no longer sufficient against LLM-generated attacks.
Does my cyber insurance cover AI-enabled attacks?
Most standard UK cyber insurance policies cover the financial consequences of a cyber incident regardless of the technical method used – including social engineering, BEC, and ransomware. However, many policies include sub-limits or specific exclusions for social engineering fraud (where an employee is deceived into making a payment voluntarily). Review your policy wording specifically for “social engineering” coverage and ensure the limit reflects your actual wire-transfer exposure. Some insurers are now beginning to ask about AI-specific controls as part of their renewal questionnaires.
What does the NCSC say about AI cyber threats?
The NCSC has published two major assessments on AI and cyber threats. Its 2024 report assessed that AI will almost certainly increase the volume and impact of cyber intrusions through 2027, primarily by making existing attack techniques faster and more scalable rather than introducing entirely new attack types. Its 2025 Annual Review noted a 50% year-on-year increase in highly significant cyber incidents affecting UK organisations. The NCSC has specifically highlighted LLM-generated spear phishing, AI-assisted vulnerability exploitation, and prompt injection attacks against AI systems as near-term concerns for UK businesses.
The Road Ahead
The threat picture described in this article is not a projection – it describes what is already happening to UK businesses. The specific question for Edinburgh is not whether AI-enabled attacks will arrive, but whether the businesses that encounter them have the controls in place to limit the damage.
Technology alone will not close the gap. The Arup attack was defeated by the one thing attackers could not fake: a phone call to a number the company already held on record. That insight – that the most powerful defence is sometimes the simplest procedural control – is worth more than any amount of endpoint software.
We work with Edinburgh businesses to assess where their genuine exposure lies, which controls will have the greatest impact per pound spent, and how to communicate the risk to senior decision-makers in terms that prompt action rather than paralysis.
Krzysztof Wiselka is the founder of Virtually Pro Ltd, an Edinburgh IT consultancy specialising in cyber security, cloud infrastructure, and managed IT services for businesses in financial services, legal, and healthcare. Virtually Pro is Cyber Essentials certified and based at 83 Princess Street, Edinburgh EH2 2ER.