Artificial Intelligence (AI) plays a dual role in cybersecurity: on one hand, it is leveraged by cybercriminals to enhance the sophistication of their attacks; on the other hand, it has become a core technology for corporate cyber defense. A McKinsey report clearly states: “AIis the biggest threat (and defense) in cybersecurity today: its influence is rapidly reshaping the threat landscape and accelerating the speed of cyberattacks, while organizations are simultaneously leveraging it to reduce their mean time to detect, respond, and recover, thereby staying ahead of advanced attackers.”
AI-driven automated threat response is transforming how companies allocate cybersecurity resources. With the ability to analyze vast amounts ofdata and content, these algorithms provide actionable insights that enable security teams to quickly and effectively detect and mitigate risks.Additionally, AI enables proactive defense by automating preventive responses nearly in real time.
At the same time, with the rise of generative AI (GenAI), both internal and external risks are emerging. Cybercriminals can forge emails, generateAI-driven images, and deploy fraudulent virtual assistants, while others use AIto develop malicious code. Internally, errors in AI models and insufficient training can lead to incorrect responses or critical data leaks.
Furthermore, AI raises other concerns related to privacy, potential biases, and various ethical and governance dilemmas.
Challenges and opportunities
A second McKinsey report from 2024 projects the cybersecurity tools market to grow at a 12.4% annual rate through 2027, surpassing historical growth rates. It also highlights that over 70% of large organizations across sectors plan to invest in AI-based security solutions.However, this technology can also increase risk: since the launch of GenAI platforms in 2022, phishing attacks have surged by an astounding 1,265%.
In a Dark trace survey, 74% of respondents identified AI-driven threats as a major challenge for their organizations, and90% expect these threats to have a significant impact within the next one to two years.
Specifically, cybercriminals today use AI to:
To counteract AI misuse by cybercriminals, organizations can:
Mobile ID: an anti-fraud tool
As seen, GenAI is transforming organizational operations but also introducing new vulnerabilities. According to a PwC study, 67% of executives believe this technology has increased their exposure to attacks over the past year, 78% have increased their investment in generative AI for cybersecurity, and 72% have strengthened risk management and AI governance investments.
Earlier, we mentioned that cybercriminals use GenAI tools to boost attack efficiency. They create compelling phishing messages for emails, social media, text messages, web browsers, and other channels. Once they acquire personal identification information, they can execute various identity fraud scams, such as SIM swap attacks aimed at taking control of the victim’s mobile phone.
To prevent these types of fraud, organizations can deploy identity protection solutions such as Mobile ID. These tools utilize mobile data to block many GenAI-designed threats targeting the mobile ecosystem. For example, Plusmo’s SIM Swap API reports whether a customer has changed their SIM card in the last 90 days and/or switched mobile carriers and verifies the validity of the phone number. It checks directly with mobile operators and provides real-time information. This makes it an excellent anti-fraud tool for banks, financial institutions, insurance companies, and e-commerce platforms that validate transactions through customers’ mobile devices.
At Plusmo, we closely monitor the cybersecurity threat landscape and make significant contributions to strengthening security in commercial transactions. Through our Plusmo Protect business unit, we have developed a comprehensive suite of identity protection solutions that reinforce authentication processes and help minimize fraud in the mobile ecosystem.
