- Experts tore apart MIT paper for making unsubstantiated claims about artificial intelligence
- Kevin Beaumont dismissed these findings as almost complete nonsense without any evidence.
- Marcus Hutchins also ridiculed the study, saying he laughed harder reading its methods.
MIT's Sloan School of Management was forced to retract a working paper that claimed AI plays a “significant role” in most ransomware attacks, following widespread criticism from experts.
The study, co-authored by MIT researchers and Safe Security executives, states that “80.83 percent of reported ransomware events were attributed to AI attackers.”
Published earlier in 2025 and later cited by several publications, the report immediately attracted intense attention as it presented remarkable numbers with little evidence.
Questionable research
Among them was renowned security researcher Kevin Beaumont, who called the paper “absolutely ridiculous,” calling its conclusions “almost complete nonsense.”
“It describes almost all major ransomware groups using AI – without any evidence (this is also not true; I track many of them),” Beaumont wrote in Mastodon thread
“It even says that Emotet (which hasn’t existed for many years) is controlled by artificial intelligence.”
Cybersecurity expert Marcus Hutchins agreed, saying, “I laughed at the title” and “when I read their methodology, I laughed even harder.”
He also criticized the article for undermining public understanding of threats such as ransomware and malware removal practices.
Following the backlash, MIT Sloan removed the article from its site and replaced it with a note saying it was “being updated based on some recent reviews.”
Michael Siegel, one of the authors, confirmed that changes are ongoing.
“We have received several recent comments on the working document and are working as quickly as possible to provide an updated version,” Siegel said.
“The main points of the article are that the use of artificial intelligence in ransomware attacks is growing, we need to find a way to measure it, and there are things companies can do now to prepare.”
Simply put, he argues that the document does not claim a definitive global percentage, but it does serve as a warning about how AI in cyberattacks can be measured.
Even GoogleThe AI search assistant dismissed the claim, saying the figure was “not supported by current data.”
The dispute reflects a growing tension in cybersecurity research, where enthusiasm for AI can sometimes trump actual analysis.
AI has real potential in both offense and defense, thereby improving ransomware protectionautomatic threat detection and antivirus systems is a good move.
However, exaggerating its malicious use risks distorting priorities, especially when it comes from such renowned institutions as MIT Sloan.
By using Register
The best antivirus for any budget
Follow TechRadar on Google News. And add us as your preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the “Subscribe” button!
And of course you can also Follow TechRadar on TikTok for news, reviews, unboxing videos and get regular updates from us on whatsapp too much.
