2023 ForgeRock Breach Report underscores the need for AI-powered identity
We are excited to announce the release of our fifth annual ForgeRock Identity Breach Report. Our goal each year is to discover what’s trending — how enterprises are being breached, how many records are being exposed, and how attackers are getting past security controls that cost companies roughly $88 billion a year.1
As in previous years’ reports, we have published our key findings, including the industries most vulnerable to attack, the rising costs, and the leading cause of breaches (unauthorized access wins that dubious honor once again!). But this year’s report revealed one trend we have not seen before: a significant drop in the number of breached records. In fact, the number was the lowest we’ve seen in five years. So can we infer that the bad guys are giving up, taking their keyboards and going home? If only!
An obvious challenge of storing so much sensitive personal information in digital form is that this data is highly valuable to criminals. And it appears in the last year that they’ve been going for quality over quantity – the number of records containing protected health information (PHI) rose by 160%. Why? Because a single healthcare record in the U.S. is now fetching $675 on the black market. Such records can be used widely for fraud, from filing false insurance claims to obtaining prescription drugs illegally. No wonder healthcare is the most highly targeted sector, accounting for 36% of all breaches.
An emerging threat: they’re using AI to devise new attacks (and we can use AI to stop them)
This year, we’ve all been hearing a lot about generative AI, which produces various types of content, including text, imagery, audio, and synthetic data. Expect to hear a lot more about how generative AI makes it easier to impersonate others and perpetrate fraud.
Researchers recently discovered underground hacking communities using ChatGPT to generate malware, create encryption suitable for ransomware, and devise other fraudulent schemes. The new AI wave is contributing to a huge increase in voice and video deepfakes.
As criminals find novel ways to use AI, we can use AI to thwart their efforts. Decisioning AI, which fuels our This article has been indexed from Security Boulevard