The Role of AI-Powered Identity Attacks in Shaping the Modern Threat Landscape

The Role of AI-Powered Identity Attacks in Shaping the Modern Threat Landscape

Attackers are now using AI to interfere with elections, defraud exchanges and nations of millions, and target critical infrastructure.

These adversaries, which include nation-state attackers and cybercrime gangs, are using AI to create and launch increasingly sophisticated identity attacks to fund their operations.

AI-driven identity attacks are on the rise.

The methods attackers use with AI to launch identity-based attacks range from phishing and social engineering to taking over passwords and privileged access credentials. Their goal is to create and launch synthetic identity fraud, targeting financial institutions, retailers, and global e-commerce merchants. With identity theft as a significant revenue source, nation-state attackers are intensifying their efforts with AI, leading to a 14.2% year-over-year increase in synthetic identity fraud.

Financial institutions are facing a massive exposure of $3.1 billion to suspected synthetic identity fraud, particularly in U.S. auto loans, bank credit cards, retail credit cards, and unsecured personal loans. According to TransUnion, nearly 14% of all newly created global digital accounts last year were associated with suspected digital fraud, hitting industries like retail, travel, leisure, and video games the hardest.

Deepfakes are at the forefront of AI-driven identity attacks, with last year seeing an estimated 3,000% increase in their use. This trend is expected to grow by 50 to 60% in 2024, with deepfake incidents projected to reach around 140,000-150,000 cases globally. Last year, deepfakes were involved in nearly 20% of synthetic identity fraud cases, making them the fastest-growing category of weaponized AI. Attackers continuously improve their techniques, leveraging the latest AI applications, video editing, and audio technologies. This year, deepfake-related identity fraud attempts are expected to hit 50,000. The Department of Homeland Security has even issued guidelines on dealing with the increasing threat of deepfake identities.

Many enterprises are not prepared for AI-driven identity attacks.

Ivanti’s 2024 State of Cybersecurity Report reveals that one in three organizations lack a documented strategy to address generative AI risks. Most CISOs and IT leaders admit they’re unprepared for AI-driven identity attacks. Ivanti’s report found that 74% of organizations already feel the impact of AI-powered threats, and 89% believe these threats are just beginning. Around 60% of CISOs, CIOs, and IT leaders fear their organizations cannot defend against AI-powered threats and attacks. The top four expected threats are phishing, software vulnerabilities, ransomware attacks, and API-related vulnerabilities as attackers refine their methods with generative AI.

Ping Identity’s recent report, “Fighting The Next Major Digital Threat: AI and Identity Fraud Protection Take Priority,” underscores how unprepared organizations are for the next wave of AI-driven identity attacks. Over 40% of businesses expect fraud to significantly increase next year. The report also found that 95% of organizations are expanding their budgets to combat AI-based threats.

Despite the rapid growth of AI-driven identity attacks, many organizations have not adopted the latest technologies to counter these threats. Less than half are using one-time passcode authentication, and 46% rely on digital credential issuance and verification. Only 45% have adopted two-factor or multifactor authentication (MFA). Security leaders suggest that MFA is a quick win when integrated into a broader zero-trust framework. Additionally, 44% of security leaders use biometrics or behavioral biometrics.

The goal is to fight identity fraud while improving user experience.

The challenge for many organizations is strengthening their identity and access management (IAM), privileged access management (PAM), and authentication systems without negatively affecting user experience. The best cybersecurity measures are often those that users don’t even notice.

The trend is moving towards replacing passwords with authentication technologies that resist AI-driven attacks, making it harder for attackers to steal credentials. Gartner predicts that by next year, 50% of the workforce and 20% of customer authentication transactions will be passwordless. Strong alternatives to traditional passwords include APIs, biometrics, and passwordless technologies.

Leading providers of passwordless authentication include Microsoft Azure Active Directory, OneLogin Workforce Identity, Thales SafeNet Trusted Access, and Windows Hello for Business. Ivanti’s Zero Sign-On (ZSO) leverages the company’s unified endpoint management platform to integrate passwordless authentication while supporting customers’ zero trust frameworks, improving user experiences. Ivanti’s FIDO2 protocols eliminate passwords and support biometric features like Apple’s Face ID, making credentials less vulnerable to AI-based identity attacks.

Using application programming interfaces (APIs) to consolidate omnichannel verification traffic also helps reduce fraud. Telesign collaborates with customers on AI-enabled APIs to streamline verification channels. Their Verify API integrates seven leading user verification channels into a unified API, enhancing customer identity protection across platforms by detecting and assessing fraud in real-time.

Telesign CEO Christophe Van de Weyer emphasizes the importance of verifying customers to prevent various types of fraud. Their Verify API solution takes an omnichannel approach, allowing companies to select secure and user-friendly verification channels with minimal development resources.

Whoever controls the identities of a company ultimately controls the company.

Trafficking in stolen credentials and creating synthetic identities using AI are among the methods attackers use to fund their operations. As nation-state attackers adopt deepfakes to achieve their goals, the threat landscape is rapidly changing. Organizations must identify and address gaps in their identity management strategies to avoid falling behind in the AI-driven cybersecurity landscape.