Artificial intelligence (AI) is increasingly being developed to analyze neural signals, model behavior, and anticipate decision-making patterns. This is marking a paradigm shift from simple data processing to systems that can interpret and interact with human cognition. At Kaspersky HORIZONS, Kaspersky’s annual flagship European conference on the future of cybersecurity, held this year in Rome on the 19th of May, Kaspersky examined what the evolution of AI means for mental privacy and cognitive autonomy.
While current AI systems cannot directly read or precisely decode human thoughts, they offer capabilities that may influence behavior and shape decisions through recommendation systems, personalization, and large-scale information control. In this regard, it represents a real and growing cybersecurity and socio-technical risk, even though more extreme scenarios remain speculative.
Kaspersky GReAT predicts the following four emerging security risks will become more pronounced as cognitive AI systems advance:
#1
Social Engineering becomes more complex and more deceptive
Large Language Models
(LLMs) are already transforming social engineering into a far more
sophisticated and convincing threat. Attackers can now
generate
more convincing emails and phishing pages. With cognitive AI, they can potentially leverage
social platforms and large datasets to craft highly targeted scams, using
behavioral insights and psychological profiling to increase success rates.
Phishing attempts can also be dynamically generated, context-aware,
and emotionally persuasive, making them significantly more convincing.
This may impact both individuals as well as organizations, through data theft and financial scams. The latest Global Report by Kaspersky Security Services shows that phishing makes up about 15% (one in seven) of the most popular attack techniques. In this context, phishing can serve as an effective initial entry point for APTs and other sophisticated forms of crimeware targeting businesses and governmental entities.
#2 Cognitive manipulation shapes public opinion
Beyond
individual attacks, AI enables large-scale influence operations capable of
shaping public opinion. Actors such as hacktivists or advanced persistent
threat groups can potentially exploit cognitive biases and emotional triggers
across entire populations. Social media platforms already illustrate how
algorithmic systems can reinforce echo chambers and amplify polarization, while
political campaigns and corporations may use micro-targeting and behavioral techniques
to engage users. As these capabilities advance, the distinction between
predicting behavior and actively shaping it becomes increasingly unclear. This
creates systemic risks not only to individual autonomy but also to public trust.
#3
Profiling enables predictive abuse
AI-driven
profiling is becoming a powerful tool for abuse. By aggregating data from
social media, digital behavior, and other sources, AI can build highly detailed
psychological and identity profiles of individuals. This significantly
amplifies doxxing and technology-enabled abuse. Information that was once
fragmented can now be automatically correlated, exposing sensitive details,
linking identities, and enabling targeted harassment at scale. Attacks can also
be tailored to personal vulnerabilities, making them more effective and harder
to defend against.
At the same time, predictive models introduce the risk of individuals being
judged or targeted based on inferred behavior rather than actual actions. This
shifts the threat from a loss of privacy to a loss of control over one’s
identity and how it is constructed and used against them.
#4 Brain–Computer Interfaces converge with IoT
Although
still largely experimental, brain-computer interfaces (BCIs) are already being
used to enable communication for patients by interpreting neural signals.
Ongoing research is expanding their capabilities beyond basic interaction,
including the ability to control external devices. This is where BCIs begin to
converge with the Internet of Things (IoT). In practical terms, neural signals
can be used to send commands to connected systems such as smart home devices,
assistive technologies, or medical equipment.
While this integration offers significant benefits, particularly in healthcare and accessibility, it also extends cybersecurity risks into new domains, as compromised systems may enable unauthorized actions through the user’s neural interface, including interception of signals, manipulation of device responses, or exploitation of the link between intention and execution. As a result, security risks extend beyond digital infrastructure into the realm of physical systems and human agency.
“Although cognitive AI is still at an early stage and far from mass adoption, it is developing rapidly,” says Noushin Shabab, Lead Security Researcher at Kaspersky Global Research and Analysis Team. “Advanced human-AI interaction models are still expected to become significantly more widespread in the coming decades. As adoption will grow, so too will the associated risks – and when it happens, we need to be prepared.”
Addressing these challenges requires proactive collaboration between the cybersecurity community, AI developers, scientists and policymakers. As Teresa Potenza, a journalist and responsible AI educator who engaged with the topic at the conference elaborated, “The real risk of cognitive AI is that it shapes our minds, quietly and at scale. We have learned that systems optimized for engagement erode judgment. That's why regulation is now a defense of human agency - but it cannot keep up with cognitive AI if it only addresses what these systems do today. We need one enforceable principle: technology must serve people, not the other way around. Autonomy is not just a privacy issue. It is a democracy issue.”
