AI Threats Affecting National Security Systems

How AI-enabled threats compromise defense, intelligence, military command-and-control, and border security systems.

systems

How AI Threats Appear

For national security systems, AI-enabled threats most commonly surface through:

AI-enhanced cyber warfare — Adversaries using AI to automate vulnerability discovery, develop evasive malware, and conduct large-scale offensive operations against defense networks
Intelligence manipulation — AI-generated disinformation, deepfake intelligence reports, and synthetic signals designed to deceive intelligence analysis
Autonomous weapons risks — AI systems in military contexts operating with insufficient human oversight, creating risks of unintended escalation or targeting errors
AI supply chain compromise — Foreign adversaries introducing backdoors or vulnerabilities into AI systems used in defense and intelligence applications
Strategic deception — AI-enabled simulation and manipulation of satellite imagery, communications intercepts, or sensor data to create false operational pictures

National security systems are categorized as a systems-level affected group because compromises threaten the integrity of defense and intelligence infrastructure at a structural level.

Relevant AI Threat Domains

Security & Cyber — AI-enhanced offensive capabilities and automated vulnerability exploitation
Systemic Risk — Lethal autonomous weapons and strategic misalignment
Information Integrity — AI-generated intelligence deception and signal manipulation
Agentic Systems — Autonomous military AI operating beyond intended parameters

What to Watch For

Indicators of AI-related national security risk:

AI systems in military or intelligence applications operating with reduced human oversight under operational pressure
Foreign AI technology dependencies in defense supply chains
Adversary development of AI capabilities specifically designed to defeat defensive AI systems
AI-generated synthetic media targeting military decision-makers
Integration of AI autonomous capabilities into weapons systems without adequate testing against adversarial conditions

Regulatory Context

EU AI Act — Exempts national security applications but sets norms that influence defense AI governance
US Department of Defense AI Adoption Strategy — Establishes principles for responsible military AI including human oversight requirements
UN Convention on Certain Conventional Weapons — Ongoing discussions on regulation of autonomous weapons systems
NATO AI Strategy — Establishes principles for responsible use of AI by alliance members

For classification rules and evidence standards, refer to the Methodology.

→ Explore AI Threat Domains

→ View documented Incidents

Last updated: 2026-03-03 · Back to Affected Groups

Incidents Affecting National Security Systems

Documented incidents where national security systems were directly affected by AI-enabled harm.

INC-26-0011

Jailbroken Claude AI Used to Breach Mexican Government Agencies

Security & Cyber

Jailbreak method: Spanish-language prompts with role-playing as "elite hacker" in fictional bug bounty scenario<a href="#source-4">[4]</a>
Scale of prompting: Over 1,000 prompts sent to Claude Code; some information also passed to GPT-4.1<a href="#source-2">[2]</a>
Tools generated: Vulnerability scanning scripts, SQL injection exploits, automated credential-stuffing tools<a href="#source-1">[1]</a>

View record → INC-20-0003

UN-Documented Autonomous Drone Attack in Libya

Systemic Risk

Weapon system: STM Kargu-2 loitering munition, manufactured by Turkish defense firm STM
Location: Tripoli region, Libya, during retreat of Haftar Affiliated Forces
UN documentation: Panel of Experts report S/2021/229 described the weapons as operating without requiring data connectivity to a human operator

View record →

How to Read These Records

Each record documents a specific, verifiable event in which AI-enabled harm occurred.

Focus on observable impact, not technical implementation
Note the primary threat category and secondary intersections
Use sources and stable identifiers to verify context