This article is part of VentureBeat’s special issue, “The cyber resilience playbook: Navigating the new era of threats.” Read more from this special issue here.
Deepfakes, or AI-driven deception and weaponized large language models (LLMs) aren’t just cyber threats; they’re the new weapons of mass exploitation. Adversaries aren’t just hacking systems anymore; they’re hacking people and their identities.
Impersonating executives, bypassing security with stolen credentials and manipulating trust at scale are all redefining the new threatscape. It’s an all-out cyberwar with identities hanging in the balance. AI and generative AI are giving adversaries an edge in how quickly they can fine-tune and improve their tradecraft.
The result: Massive breaches and ransomware demands that are setting new records and fueling double extortion demands.
CrowdStrike’s 2024 Global Threat Report highlights this concern, revealing that 60% of intrusions now involve valid credentials, revealing the growing threat of identity-based attacks. Jeetu Patel, Cisco’s EVP and CPO, describes the fundamental problem enterprises face: “The attacks are getting very coordinated, but the defenses are very isolated. That dissonance is not a healthy distance to have.”
Shlomo Kramer, cofounder and CEO of Cato Networks, echoed that view: “The era of cobbled-together security solutions is over.” Cato’s rapid growth underscores how businesses are moving to unified, cloud-based security to eliminate these gaps.
Adversaries ranging from rogue attackers to nation-state cyberwar units are prioritizing the exfiltration of identities at scale and profiting from them for financial and political gain (sometimes both).
It’s on security leaders and their teams to shift their security postures to adapt and stop identity-driven attacks, beginning with continuous authentication, least privilege access and real-time threat detection. VentureBeat research has revealed that organizations are doubling down on zero-trust frameworks and its core concepts to thwart identity-driven attacks.
The high cost of identities are under siege
Deloitte’s Center for Financial Services predicts that gen AI could drive fraud losses in the U.S. to $40 billion by 2027, up from $12.3 billion in 2023. This projection underscores the escalating threat posed by deepfake technology and other AI-driven fraud mechanisms.
In 2024, deepfake fraud attempts occurred at a rate of one every 5 minutes, contributing to a 244% surge in digital document forgeries. In addition, 49% of businesses globally …