THREAT ASSESSMENT: Autonomous AI Agents and Europe’s Cyber Governance Gap

Autonomous AI agents have demonstrated the capacity to execute multi-stage cyber operations with minimal human oversight, as seen in recent incidents involving LLM-based tool use. Deployment at scale remains unconfirmed, but the functional capability is now observable.
Bottom Line Up Front: The emergence of autonomous AI agents capable of conducting cyber operations at machine speed without direct human control represents a structural threat to European cybersecurity and strategic autonomy, exacerbated by governance gaps, reliance on U.S. frontier models, and inadequate runtime oversight.
Threat Identification: Autonomous AI agents—software systems using large language models (LLMs) with planning, tool use, and memory—are increasingly being weaponized for cyber operations. These systems can perform reconnaissance, exploit vulnerabilities, develop malware, and exfiltrate data with minimal human intervention. Evidence includes the November 2025 incident where a Chinese state-sponsored group used Anthropic’s Claude to execute 80–90% of a cyber intrusion autonomously, compressing months of work into days [4]. Similarly, platforms like Moltbook revealed how millions of AI agents can operate under minimal human oversight, creating massive attribution and accountability challenges [1].
Probability Assessment: High likelihood within 1–3 years. Autonomous AI cyber operations are no longer theoretical; they are already occurring at scale. Anthropic’s decision to restrict access to its Mythos Preview model due to its ability to autonomously exploit zero-day vulnerabilities across all major operating systems confirms the immediacy of the threat [5]. The U.S. export-control directive suspending access to Anthropic’s Fable 5 and Mythos 5 models for foreign nationals underscores state recognition of the danger [8]. Given rapid advancements and increasing adoption by state actors (e.g., China, Russia, Iran), widespread deployment of agentic cyber threats is probable by 2027–2028.
Impact Analysis: The consequences are severe and multifaceted. First, traditional cybersecurity frameworks based on human adversaries, sequential kill chains, and attribution via behavioral signatures are becoming obsolete [12]. Second, enterprises face unprecedented insider-style threats from trusted AI agents that can bypass data loss prevention (DLP) policies, as seen in Microsoft’s 365 Copilot breach where confidential emails were summarized despite sensitivity labels [36]. Third, Europe’s strategic dependence on U.S. AI infrastructure creates a dual vulnerability: loss of control over safety settings and exposure to divergent U.S. offensive cyber doctrine, including potential use in 'gloves-off' operations under the Trump administration’s 2026 strategy [45]. This dependence undermines EU sovereignty in AI governance and crisis response.
Recommended Actions: 1) Establish a real-time EU-wide monitoring system for autonomous agent behavior, coordinated through ENISA and national CSIRTs, with mandatory incident reporting for AI-related breaches [41]. 2) Invest in sovereign AI defense capabilities, including hardened test environments and AI-driven defensive agents for rapid detection and response. 3) Enact runtime governance standards requiring audit logs, cryptographic agent identities, and dynamic authorization for AI systems in critical sectors [22]. 4) Reduce strategic dependence on U.S. frontier models by accelerating the EU Cloud and AI Development Act and funding open, secure European alternatives. 5) Advocate internationally for redlines on autonomous cyber operations targeting civilian infrastructure, aligning with humanitarian law principles of distinction and proportionality [56].
Confidence Matrix:
- Threat Identification: High confidence (supported by public disclosures from Anthropic, Google, Microsoft)
- Probability Assessment: High confidence (based on observed trends, model restrictions, and state adoption)
- Impact Analysis: High confidence (grounded in technical failures and geopolitical dependencies)
- Recommended Actions: Medium to high confidence (feasible within EU institutional framework but dependent on political will and funding)
Published July 7, 2026