Logo
Home
Archive
Tags
About
Search
Sign in
Get The Context
Logo
AI hackers vs. zombie PCs

identity

AI hackers vs. zombie PCs

A crumbling perimeter meets rising machine identity and over-trusted connected systems.

David Hawks
David Hawks

10 July 2026

3 min read

SHARE

The week ending 21 October handed security leaders two clocks running at incompatible speeds: ageing endpoints that cannot move quickly, and AI-augmented adversaries closing the gap between disclosure and exploitation to something close to zero.

That is not a future threat. It is the operating condition now.

  • What changed this week

  • The deeper mechanism

  • The practical takeaways

Table of Contents

  • Context update

    • In Focus

      • Retrospective

        • Poll of the week

          • Takeaways

            • Opinion

              Context update
               
              The issues that are shaping trust, security, and AI in this edition:
              01
              Security
              The legacy debt trap meets machine-speed attack
              Microsoft now processes roughly 100 trillion security signals daily, with AI-powered attacks driving the volume. When patch-to-exploit time collapses, endpoints that cannot receive patches stop being a moderate risk and become fixed points an adversary can plan around.
              LessonMeasure legacy risk by how fast you can contain a device you already know you cannot patch.
              02
              Identity
              The autonomous adversary is a business model
              CrowdStrike names Australia the top regional ransomware target, while deepfake image-based abuse has doubled. Synthetic identity attacks are no longer a demonstration; they are part of the operating environment for verification, helpdesk, and approval flows.
              LessonAudit any high-stakes verification step that still relies on a voice, a face, or a video.
              03
              Governance
              The governance clock has started running for boards
              Clayton Utz has tied director duties directly to AI governance failures, while updated government guidance frames risk management and accountability as baseline expectations. AI governance is now an auditable control question, not a technology-team side project.
              LessonIf nobody owns the AI tool register, that is the first gap to close.
              In Focus
               
              When the endpoint cannot be trusted

              This week's long read traces the mechanism behind the issue: a trusted edge appliance, an unpatchable endpoint, and a machine-identity token can fail in the same direction. Each turns a control boundary into a path of movement.

              The practical response is not another perimeter promise. It is isolation architecture: assume a weak endpoint exists now, and design the network so that weakness cannot propagate.

               
              In Focus
              A deeper look at how the trust boundary degrades, where Zero Trust assumptions snap, and why isolation is the more honest budget argument.
              Big Read
              Read now ->
              Retrospective

              So what have we learned from this week?

              Not that the threats are new. Legacy endpoints and social engineering have always been around. What is new is the decoupling of sophistication from consequence. The F5 advisory shows a well-resourced adversary exploiting a device built to be trusted. The WA Health breach shows a 15-year-old with no malicious intent walking through a gap that had no anomaly detection behind it.

              Both land in the same place: a trust boundary that assumed it would not be tested. The architectural response is not a better watchtower. It is building so that when the watchtower fails, the failure does not spread.

              Poll of the week

              What is your organisation doing with Windows 10 endpoints that cannot meet Windows 11 hardware requirements?

              • Full replacement — absorbing the capital expenditure now rather than later
              • Extended Security Updates — paying Microsoft to maintain a patch runway while planning migration
              • Isolation play — quarantining legacy machines in segmented or virtual desktop environments
              • Risk acceptance — continuing to run them with endpoint detection as the primary control

              Login or Subscribe to participate

              Takeaways
               
              These are this edition's takeaways.
              01
              The patch-to-exploit buffer has collapsed.
              AI-powered attacks make unpatchable endpoints a containment problem, not merely an upgrade backlog.
              02
              Synthetic identity is already operational.
              Voice, video, and visual confirmation need hardware-backed alternatives for high-stakes actions.
              03
              Trusted edge systems can become the weak point.
              The F5 incident is a reminder that the inspection layer itself needs to be treated as fallible.
              04
              AI governance now needs auditable controls.
              The board question is moving from policy intent to evidence: registers, provenance checks, owners, and tested kill switches.
              Opinion
              ❝

              Two clocks ran at incompatible speeds this week, and the uncomfortable part is that only one of them can be sped up. Ageing endpoints and procurement cycles move at the pace they have always moved at. The attackers exploiting them are not waiting for that pace to catch up — they have already done the market analysis on which regions and which devices are worth the effort.

              What that means in practice is that legacy risk can no longer be measured by counting vulnerabilities. It has to be measured by how fast a device that cannot be patched can be contained, because containment speed is now the only lever still under an organisation's control.

              The governance thread underneath all of it is the one I think gets underweighted: director duties are starting to attach directly to AI oversight, which means the real question is no longer whether a board cares about an AI tool register. It is whether whoever owns that register can produce it, and prove the kill switch behind it actually works, before it is asked for under worse circumstances.

              I hope you found this edition useful. I'm always looking for feedback to improve The Context, so please reach out with any suggestions. If it shifted your thinking, the highest compliment would be to share it with someone else whose thinking it might help shift as well.

              Share The Context

              Until next week, many thanks for reading,

              David

              Recent Posts

              AI hackers vs. zombie PCs

              Turning Big Ideas into Real-World Achievements

              Turning Big Ideas into Real-World Achievements


              Spotlight

              Trust – the Hidden Architecture of Human Interact

              Aug 11, 2025

              Trust – the Hidden Architecture of Human Interact

              Read next
              AI hackers vs. zombie PCs

              identity

              AI hackers vs. zombie PCs

              A crumbling perimeter meets rising machine identity and over-trusted connected systems.

              David Hawks

              9 July 2026

              Turning Big Ideas into Real-World Achievements

              AI Governance

              +1

              Turning Big Ideas into Real-World Achievements

              Weekly Context Issue 001 styling recovery test using PT-lean.

              David Hawks

              9 June 2026

              Turning Big Ideas into Real-World Achievements

              Turning Big Ideas into Real-World Achievements

              Easy to reflect on and even easier to use — these thoughts can improve both action and intention.

              David Hawks

              3 June 2026

              Get The Context in your inbox

              New editions arrive when the analysis is ready. Subscribe once; update at any time.

              Unsubscribe any time.


              AI, trust, and security, explained.

              Tools


              Pages




              AI systems explained trust made practical security in context
              regular essays practical analysis trusted context
              © 2026 Prompting Trust.
              beehiivPowered by beehiiv