Image by DALL·E Pic: Midjourney
Editors' Note: Many Fast News images are stylised illustrations generated by Dall-E. Photorealism is not intended. View as early and evolving AI art!
AI agents rise,
Deepfakes blur the real and fake—
Guard your credentials.
Gartner warns of AI-driven account takeover threats by 2027
Gartner has projected a significant shift in the cybersecurity landscape by 2027, with AI agents expected to halve the time required to exploit account exposures. The technology research and consulting firm highlights account takeover (ATO) as a persistent threat, primarily due to weak authentication credentials, such as passwords. These credentials are often compromised through methods including data breaches, phishing, social engineering, and malware.
VP Analyst at Gartner, Jeremy D'Hoinne, said: "Account takeover (ATO) remains a persistent attack vector because weak authentication credentials, such as passwords, are gathered by a variety of means including data breaches, phishing, social engineering and malware."
AI agents are anticipated to automate more components of ATO, incorporating social engineering tactics based on deepfake voices and enabling end-to-end automation of user credential abuses. This development is expected to prompt vendors to introduce new products for web, app, API, and voice channels, aimed at detecting, monitoring, and classifying interactions involving AI agents.
Gartner advises security leaders to accelerate the transition towards passwordless, phishing-resistant multi-factor authentication (MFA). VP Analyst at Gartner, Akif Khan, said: "In the face of this evolving threat, security leaders should expedite the move toward passwordless phishing-resistant MFA."
The firm also forecasts that by 2028, 40% of social engineering attacks will target executives and the broader workforce. Attackers are increasingly combining social engineering tactics with counterfeit reality techniques, such as deepfake audio and video, to deceive employees. Detecting these deepfakes remains in its nascent stages, particularly in real-time person-to-person voice and video communications.
Gartner underscores the necessity of educating employees about the evolving threat landscape, especially concerning social engineering with deepfakes. Senior Director Analyst at Gartner, Manuel Acosta, said: "Organizations will have to stay abreast of the market, and adapt procedures and workflows in an attempt to better resist attacks leveraging counterfeit reality techniques."
