Focuses on deliberate misuse of AI by bad actors, including large-scale disinformation campaigns, AI-enabled cyberattacks and weapons development, and targeted fraud, scams, and manipulation. These risks arise from intentional exploitation of AI capabilities for harmful purposes.
Incident volume relative to governance coverage; each dot is one of 7 domains
Severity by subdomain (current trajectory)
Entity
Who or what caused the harm
Intent
Whether the harm was intentional or accidental
Timing
Whether the risk is pre- or post-deployment
Scammers used AI to create deepfake videos of Italian TV journalist Safiria Leccese offering fraudulent personal loans, leading to financial losses for multiple victims who believed the fake content.
Developers: Deepfake Technology Developers, Voice Cloning Technology Developers
Deployers: Scammers
Scammers used AI voice cloning technology to impersonate a woman's daughter, claiming she was kidnapped by a Mexican drug cartel, and successfully defrauded the mother of $5,400 through wire transfers.
Developers: Deepfake Technology Developers, Voice Cloning Technology Developers
Deployers: Scammers, Fake Kidnapping Scammers
Two men, Cornelius Shannon and Arturo Hernandez, were arrested for using AI to create and distribute non-consensual deepfake pornography of celebrities and private individuals, with their content receiving millions of views online.
Developers: Deepfake Technology Developers
Deployers: Arturo Hernandez, Deepfake Creators
Establishes the Artificial Intelligence Futures Steering Committee by April 1, 2026, under the Secretary of Defense. Directs it to develop policies for AI adoption, assess AI trajectories, and analyze AI risks and adversary developments. Requires quarterly meetings and a report to U.S. Congress by January 31, 2027.
Prohibits the Department of Defense and its contractors from using covered artificial intelligence (AI) developed covered AI companies within 30 days of enactment. Allows Secretary of Defense to issue waivers for research or national security purposes with necessary risk mitigation steps. Provides definitions of covered AI systems, companies, and nations.
Prohibits the use of DeepSeek on intelligence community systems. Requires the Director of National Intelligence to develop removal standards and guidelines. Includes exceptions for national security and research, with risk mitigation. Aligns with existing information security requirements.
Each metric scaled to 0–100% of its peak across all 24 subdomains, so you can compare relative standing across different scales.