How AI-driven identity attacks are defining the new threatscape
What is the purpose of the VB Transform 2024 event and who are the expected attendees?
VB Transform 2024 is an annual flagship event that focuses on the advancements and applications of Generative AI (gen AI) strategies3. The purpose of the event is to provide a platform for enterprise leaders to dive into the world of AI, engage in thought-provoking discussions within the community, and learn how to integrate AI applications into their industries3. Expected attendees include over 400 enterprise leaders, such as CISOs, CIOs, and IT leaders from various industries. The event will take place in San Francisco from July 9-11.
How are attackers using AI to weaponize identity-based attacks, and what types of attacks are they launching?
Attackers are using AI to weaponize identity-based attacks in various ways. They are relying on AI to create and launch increasingly sophisticated identity attacks to finance their operations. Some of the AI-driven identity attacks being launched include:
-
Phishing and social engineering-based attacks: Attackers are using generative AI to create targeted phishing emails, making them more believable to victims6.
-
Password and privileged access credential takeover: Attackers are using AI to crack passwords and gain access to privileged accounts, allowing them to infiltrate organizations and steal sensitive data.
-
Synthetic identity fraud attacks: Nation-state attackers are using AI to scale their efforts in creating and launching synthetic identity fraud attacks aimed at financial institutions, retailers, and e-commerce merchants.
-
Deepfakes: There was an estimated 3,000% increase in the use of deepfakes last year alone. Deepfake incidents are expected to increase by 50 to 60% in 2024, reaching 140,000-150,000 cases globally. Deepfakes are being used in nearly 20% of synthetic identity fraud cases, making it the fastest-growing category of weaponized AI.
These attacks are becoming more sophisticated and widespread, with nation-state attackers and cybercrime gangs constantly improving their tradecraft using generative AI. As a result, organizations are facing increased risks and challenges in protecting against AI-driven identity attacks.
What is the reported year-over-year increase in synthetic identity fraud, and why is it considered one of the fastest-growing types of fraud?
Synthetic identity fraud has seen a 14.2% year-over-year increase and is considered one of the fastest-growing types of fraud due to several reasons. Attackers, including nation-state attackers and cybercrime gangs, are increasingly relying on AI to create and launch sophisticated identity attacks to finance their operations. These attacks range from phishing and social engineering-based attacks to password and privileged access credential takeover, targeting financial institutions, retailers, and e-commerce merchants. Nation-state attackers are doubling down on AI to scale their efforts, leading to the growth of synthetic identity fraud.