Cyberattacks Surge: AI-Powered Ransomware, Critical Infrastructure Targeted, Phishing Exploits Tax Season

Cyberattacks are intensifying across the globe, with a significant increase in ransomware incidents, especially those leveraging artificial intelligence for automation and precision. Critical infrastructure, including energy, water, and transportation networks, are facing heightened risks, as demonstrated by recent attacks in Poland and warnings issued in the UK. Phishing attacks are also evolving, using encrypted flows, QR codes, and trusted cloud platforms to bypass enterprise defenses, with a notable surge in tax-themed campaigns. The rise in ransomware attacks is particularly concerning, with a nearly 50% year-over-year increase in publicly disclosed incidents. Threat actors are exploiting vulnerabilities in operational technology (OT) and industrial control systems (ICS), leading to compromises in manufacturing, transportation, and other critical sectors. The use of AI is lowering the barrier to entry for new threat groups, making the threat landscape more complex and difficult to track. ## Latest Update Microsoft Threat Intelligence has identified a surge in tax-themed phishing campaigns, utilizing lures such as W-2 forms and IRS impersonations. Attackers are employing Phishing-as-a-Service (PhaaS) platforms, QR codes, and legitimate Remote Monitoring and Management (RMM) tools to maintain unauthorized access, targeting financial services, technology, and retail sectors. ## Timeline * **2026-02-12:** CISA warns of Russian state-sponsored cyberattacks on Poland's power grid, highlighting risks to U.S. critical infrastructure. * **2026-02-16:** NCSC warns UK critical national infrastructure operators to prepare for cyberattacks following events in Poland. * **2026-02-17:** Reports indicate a 49% rise in ransomware attacks, including the first AI-led ransomware campaign. * **2026-02-17:** Dragos reports a sharp rise in ransomware groups targeting industrial organizations, with a 49% increase from 2024. * **2026-02-18:** Cybersecurity reports indicate an average of 3,195 cyberattacks per week in India, with AI-powered hackers raising alarm. * **2026-02-18:** Security researchers observe a 30% annual increase in ransomware victims, with AI lowering the barrier to entry for new threat groups. * **2026-02-28:** Crypto mixing sees a resurgence as criminals adapt faster than regulations, using cross-chain bridges and privacy-focused protocols. * **2026-03-04:** Phishing attacks evolve, using encrypted flows, QR codes, and trusted cloud platforms to bypass enterprise defenses. * **2026-03-19:** Microsoft identifies a significant uptick in tax-themed email campaigns using phishing and malware. ## What to Watch * **Escalation of AI-driven attacks:** Monitor for further advancements in AI-powered phishing and ransomware, and their impact on attack speed and sophistication. * **Critical infrastructure vulnerabilities:** Pay close attention to security updates and best practices for OT/ICS environments to mitigate risks from ransomware and state-sponsored actors. * **Tax season threats:** Be vigilant for tax-related phishing emails and scams, especially those using QR codes or impersonating government agencies.