The Dark Web And GenAI: Stopping An Emerging Source Of Identity Threats

August 19, 2024

Ro'ee Margalit

Chances are you spend a decent amount of your time using generative AI. From virtual customer service assistants to AI-powered accounting tools, the technology is rapidly becoming a ubiquitous way for organizations to boost productivity.

But you probably don’t spend much time on the dark web. The dark web is the part of the internet not indexed by traditional search engines or associated with internal company functions. And while it isn’t exclusively for illegal activities, it does attract more than its share of bad actors.

The bad news is these bad actors are combining the emerging power of GenAI and the anonymity of the dark web to find ways to breach your cybersecurity measures, with a particular focus on credential theft and identity fraud. And just as AI is helping boost your organization’s productivity, it’s also helping the black hats get better at pretending to be something they aren’t.

The dark web is not as bad as you think. It’s worse.

The dark web doesn’t always live up to its reputation. While it may be notorious as an anonymous free-for-all where people go to build an online narcotics empire or hire a professional killer, day-to-day activities on the dark web are much less lurid.

Much of the dark web is dedicated to selling the type of stolen personal information that allows a bad actor to make a successful unauthorized access attempt and breach your organization’s security. Whether that data lets a black hat pretend to be someone they’re not, create a profile that gives them access to places they shouldn’t be, or even write scripts to automate credential validation, the dark web is often the first stop when planning a damaging (and potentially expensive) cyberattack.

GenAI is giving the bad guys superpowers

Combine leaked or stolen personal information with GenAI, and you have attacks that are both more scalable and more sophisticated. For example, GenAI allows bad actors to more accurately impersonate executives or other trusted figures. This is especially dangerous if the same executives have had their credentials leaked on the dark web, because the messages then come from their actual social media or email accounts.

On a related note, artificial intelligence also makes it easy to create and automate social engineering attacks like phishing. Information taken from the dark web means that these attacks can be more easily personalized.

And if the bad guys manage to log on to a system as an authorized user, they can place “smart” malware, a type of malware that uses GenAI to change its code to avoid detection by traditional security measures.

Fight fire with fire

So, what’s an organization to do? A good first step is to enlist protection that regularly scans the dark web for potential leaked information. If sensitive information like a login credential is for sale, the sooner you know about it the sooner you can make changes that neutralize the danger.

So, what are some of these changes? Rotate takes a number of steps to combat potential threats that arise from leaks appearing on the dark web. For example, the Rotate Identity Hub, part of our modular, comprehensive approach to cybersecurity, includes continuous identity threat monitoring that provides visibility into all team members, freelancers, and external contacts connected to any workspace application.

MFA also becomes crucial in a world where bad actors can buy usernames and passwords. But it’s not enough to simply require MFA; you need security that comes with robust MFA enforcement and rapid anomaly detection. That’s why the Identity Hub also gives users the ability to enforce MFA compliance across all user accounts. And, if a bad actor does manage to log in using credentials taken from the dark web, the hub gives the good guys the ability to track logins from all devices, including location, time, and number of attempts, so they can detect anomalies quickly.
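The login signals named above (location, time, number of attempts, MFA use) can be combined into a small set of review rules. The following is an added example, not Rotate's code or part of the original post; the `Login` fields, the thresholds and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass
class Login:                     # hypothetical event shape, not a real product schema
    user: str
    when: datetime
    country: str
    success: bool
    mfa: bool

FAIL_LIMIT = 5                        # assumed threshold for failed attempts
FAIL_WINDOW = timedelta(minutes=10)   # assumed look-back window for those attempts
TRAVEL_WINDOW = timedelta(hours=1)    # assumed minimum gap between two countries

def flag_logins(events, leaked_users):
    """Return (user, when, reasons) for each successful login worth reviewing."""
    fails = defaultdict(list)    # user -> times of failed attempts since last success
    seen = defaultdict(set)      # user -> countries with an earlier success
    last_ok = {}                 # user -> (time, country) of the previous success
    alerts = []
    for e in sorted(events, key=lambda ev: ev.when):
        if not e.success:
            fails[e.user].append(e.when)
            continue
        reasons = []
        recent = [t for t in fails[e.user] if e.when - t <= FAIL_WINDOW]
        if len(recent) >= FAIL_LIMIT:
            reasons.append(f"success after {len(recent)} failed attempts")
        if seen[e.user] and e.country not in seen[e.user]:
            reasons.append(f"new location {e.country}")
        prev = last_ok.get(e.user)
        if prev and prev[1] != e.country and e.when - prev[0] < TRAVEL_WINDOW:
            reasons.append("two countries within an hour")
        if not e.mfa:
            reasons.append("no MFA, leaked credentials" if e.user in leaked_users else "no MFA")
        if reasons:
            alerts.append((e.user, e.when, reasons))
        fails[e.user].clear()
        seen[e.user].add(e.country)
        last_ok[e.user] = (e.when, e.country)
    return alerts

T0 = datetime(2024, 8, 19, 9, 0)      # everything below is constructed sample data
LEAKED = {"alice"}                    # accounts reported by a leak-monitoring feed
SAMPLE = [Login("alice", T0, "US", True, True), Login("bob", T0, "DE", True, True)]
SAMPLE += [Login("alice", T0 + timedelta(minutes=20 + i), "SG", False, False) for i in range(6)]
SAMPLE += [Login("alice", T0 + timedelta(minutes=26), "SG", True, False)]
```

Calling `flag_logins(SAMPLE, LEAKED)` flags only the final login for alice, and the reasons list shows how a leaked-credential hit raises the priority of a login that also skipped MFA.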

Finally, your defense should fight fire with fire. Make sure you have comprehensive network protection that utilizes AI to boost detection of unusual activity or strange patterns in network traffic. Rotate’s 360-degree approach incorporates AI into our comprehensive protection, because if the bad guys are going to be using artificial intelligence, the good guys should be using it too.