Artificial Intelligence (AI) plays a dual role in cybersecurity: on onehand, it is leveraged by cybercriminals to enhance the sophistication of theirattacks; on the other hand, it has become a core technology for corporate cyberdefense. A McKinsey report clearly states: “AIis the biggest threat (and defense) in cybersecurity today: its influence israpidly reshaping the threat landscape and accelerating the speed ofcyberattacks, while organizations are simultaneously leveraging it to reducetheir mean time to detect, respond, and recover, thereby staying ahead ofadvanced attackers.”
AI-driven automated threat response is transforming how companiesallocate cybersecurity resources. With the ability to analyze vast amounts ofdata and content, these algorithms provide actionable insights that enablesecurity teams to quickly and effectively detect and mitigate risks.Additionally, AI enables proactive defense by automating preventive responsesnearly in real time.
At the same time, with the rise of generative AI (GenAI), both internaland external risks are emerging. Cybercriminals can forge emails, generateAI-driven images, and deploy fraudulent virtual assistants, while others use AIto develop malicious code. Internally, errors in AI models and insufficienttraining can lead to incorrect responses or critical data leaks.
Furthermore, AI raises other concerns related to privacy, potentialbiases, and various ethical and governance dilemmas.
Challenges and opportunities
A second McKinsey report from 2024 projectsthe cybersecurity tools market to grow at a 12.4% annual rate through 2027,surpassing historical growth rates. It also highlights that over 70% of largeorganizations across sectors plan to invest in AI-based security solutions.However, this technology can also increase risk: since the launch of GenAIplatforms in 2022, phishing attacks have surged by an astounding 1,265%.
In a Darktrace survey, 74% of respondentsidentified AI-driven threats as a major challenge for their organizations, and90% expect these threats to have a significant impact within the next one totwo years.
Specifically, cybercriminals today use AI to:
To counteract AI misuse by cybercriminals, organizations can:
Mobile ID: an anti-fraud tool
As seen, GenAI is transforming organizational operations but also introducingnew vulnerabilities. According to a PwC study, 67% of executivesbelieve this technology has increased their exposure to attacks over the pastyear, 78% have increased their investment in generative AI for cybersecurity,and 72% have strengthened risk management and AI governance investments.
Earlier, we mentioned that cybercriminals use GenAI tools to boostattack efficiency. They create compelling phishing messages for emails, socialmedia, text messages, web browsers, and other channels. Once they acquirepersonal identification information, they can execute various identity fraudscams, such as SIM swap attacks aimed at taking control of the victim’s mobilephone.
To prevent these types of fraud, organizations can deploy identityprotection solutions such as Mobile ID. These tools utilize mobile data to blockmany GenAI-designed threats targeting the mobile ecosystem. For example,Plusmo’s SIM Swap API reports whether acustomer has changed their SIM card in the last 90 days and/or switched mobilecarriers and verifies the validity of the phone number. It checks directly withmobile operators and provides real-time information. This makes it an excellentanti-fraud tool for banks, financial institutions, insurance companies, ande-commerce platforms that validate transactions through customers’ mobiledevices.
At Plusmo,we closely monitor the cybersecurity threat landscape and make significantcontributions to strengthening security in commercial transactions. Through ourPlusmo Protect business unit, we have developed a comprehensive suite ofidentity protection solutions that reinforce authentication processes and helpminimize fraud in the mobile ecosystem.
