{"id":292,"date":"2024-09-18T10:01:00","date_gmt":"2024-09-18T10:01:00","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=292"},"modified":"2024-09-18T10:01:00","modified_gmt":"2024-09-18T10:01:00","slug":"personhood-cybersecuritys-next-great-authentication-battle-as-ai-improves","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=292","title":{"rendered":"Personhood: Cybersecurity\u2019s next great authentication battle as AI improves"},"content":{"rendered":"
\n
\n
\n
\n
<\/div>\n

CISOs may be intimately familiar with the dozens of forms of authentication for privileged areas of their environments, but a very different problem is arising in areas where authentication has traditionally been neither needed nor desired.<\/p>\n

Domains such as sales call centers or public-facing sites are fast becoming key battlefields over personhood, where AI bots and humans commingle and CISOs struggle to reliably and quickly differentiate one from the other.<\/p>\n

\u201cBad bots have become more sophisticated, with attackers analyzing defenses and sharing workarounds in marketplaces and message boards. They\u2019ve also become more accessible, with bot services available to anyone who can pay for them,\u201d Forrester researchers wrote in the firm\u2019s recent Forrester Wave: Bot Management Software, Q3 2024<\/a>. \u201cBots may be central to a malicious application attack or attempted fraud, such as a credential-stuffing attack, or they may play a supporting role in a larger application attack, performing scraping or web recon to help target follow-on activities.\u201d<\/p>\n

Forrester estimates that 30% of today\u2019s Internet traffic comes from bad bots.<\/p>\n

The bot problem goes beyond the cost issue of fake network traffic<\/a>, however. For example, bot DDoS attacks can be launched against a sales call center, clogging lines with fake customers in an attempt to frustrate real customers into calling competitors instead. Or bots could be used to swarm text-based customer service applications, generating the surreal scenario of your service bots being tied up in circuitous conversations with an attacker\u2019s bots.\u00a0<\/p>\n

Credentialling personhood<\/h2>\n

What makes these AI-powered bots so dangerous is that they can be scaled almost infinitely for a relatively low cost. That means an attacker can easily overwhelm even the world\u2019s largest call centers, which often do not want to add the friction involved with authentication methods.<\/p>\n

\u201cThis is a huge issue. These deepfake attacks are automated so there is no way for a human interface call center to scale up as quickly or as effectively as a server array,\u201d says Jay Meier, SVP of North American operations at identity firm FaceTec. \u201cThis is the new DDoS attack and it will be able to easily shut down the call center.\u201d<\/p>\n

Meier\u2019s use of the term deepfake is worth noting, as today\u2019s deepfakes<\/a> are typically thought of as precise imitations of a specific person, such as the CFO of the targeted enterprise. But with bot attacks such as these, they will be imitating a generic composite person who likely doesn\u2019t exist.<\/p>\n

One recently publicized attempt <\/a>to negate such bot attacks comes from a group of major vendors, including OpenAI and Microsoft, working with researchers from MIT, Harvard, and the University of California, Berkeley. The resulting paper outlined a system that would leverage government offices to create \u201cpersonhood credentials<\/a>\u201d to address the fact that older web systems designed to block bots, such as CAPTCHA, have been rendered useless because generative AI can select images with, say, traffic signals just as well \u2014 if not better \u2014 than humans can.<\/p>\n

A personhood credential (PHC), the researchers argued, \u201cempowers its holder to demonstrate to providers of digital services that they are a person without revealing anything further. Building on related concepts like proof-of-personhood and anonymous credentials, these credentials can be stored digitally on holders\u2019 devices and verified through zero-knowledge proofs.\u201d<\/p>\n

In this way, the system would reveal nothing of the individual\u2019s specific identity. But, the researchers point out, a PHC system would have to meet two fundamental requirements. First, credential limits would need to be imposed. \u201cThe issuer of a PHC gives at most one credential to an eligible person,\u201d according to the researchers. Second, \u201cservice-specific\u201d pseudonymity would need to be employed such that \u201cthe user\u2019s digital activity is untraceable by the issuer and unlinkable across service providers, even if service providers and issuers collude.\u201d<\/p>\n

One author of the report, Tobin South, a senior security researcher and PhD candidate at MIT, argued that such a system is critical because \u201cthere are no tools today that can stop thousands of authentic-sounding inquiries.\u201d<\/p>\n

Government offices could be used to issue personhood credentials, or perhaps retail stores as well, because, as South points out, bots are growing in sophistication and \u201cthe only thing we are confident of is that they can\u2019t physically show up somewhere.\u201d<\/p>\n

The challenges of personhood credentials\u00a0<\/h2>\n

Although intriguing, the personhood plan has fundamental issues. First, credentials are very easily faked by gen AI systems<\/a>. Second, customers may be hard-pressed to take the significant time and effort to gather documents and wait in line at a government office to prove that they are human simply to visit public websites or sales call centers.<\/p>\n

Some argue that the mass creation of humanity cookies would create another pivotal cybersecurity weak spot.\u00a0<\/p>\n

\u201cWhat if I get control of the devices that have the humanity cookie on it?\u201d FaceTec\u2019s Meier asks. \u201cThe Chinese might then have a billion humanity cookies at one person\u2019s control.\u201d<\/p>\n

Brian Levine, a managing director for cybersecurity at Ernst & Young, believes that, while such a system might be helpful in the short run, it likely won\u2019t effectively protect enterprises for long.<\/p>\n

\u201cIt\u2019s the same cat-and-mouse game\u201d that cybersecurity vendors have always played with attackers, Levine says. \u201cAs soon as you create software to identify a bot, the bot will change its details to trick that software.\u201d<\/p>\n

Is all hope lost?<\/h2>\n

Sandy Carielli, a Forrester principal analyst and lead author of the Forrester bot report, says a critical element of any bot defense program is to not delay good bots, such as legitimate search engine spiders, in the quest to block bad ones.<\/p>\n

\u201cThe crux of any bot management system has to be that it never introduces friction for good bots and certainly not for legitimate customers. You need to pay very close attention to customer friction,\u201d Carielli says. \u201cIf you piss off your human customers, you will not last.\u201d<\/p>\n

Some of the better bot defense programs today use deep learning to sniff out deceptive bot behavior. Although some question whether such programs can stop attacks \u2014 such as bot DDoS attacks \u2014 quickly enough, Carielli believes the better apps are playing a larger game. They may not halt the first wave of a bot attack, but they are generally effective at identifying attacking bots\u2019 characteristics and stopping subsequent waves, which often happen within minutes of the first attack, she says.<\/p>\n

\u201cThey are designed to stop the entire attack, not just the first foray. [The enterprise] is going to be able to continue doing business,\u201d Carielli says.\u00a0<\/p>\n

CISOs must also collaborate with C-suite colleagues for a bot strategy to work, she adds.<\/p>\n

\u201cIf you take it seriously but you are not consulting with fraud, marketing, ecommerce, and others, you do not have a unified strategy,\u201d she says. \u201cTherefore, you may not be solving the entire problem. You have to have the conversation across all of those stakeholders.\u201d<\/p>\n

Still, Carielli believes that bot defenses must be accelerated. \u201cThe speed of adaptation and new rules and new attacks with bots is a lot faster than your traditional application attacks,\u201d she says.\u00a0<\/p>\n

Steve Zalewski, longtime CISO for Levi Strauss until 2021 when he became a cybersecurity consultant, is also concerned about how quickly bad bots can adapt to countermeasures.\u00a0<\/p>\n

Asked how well software can defend against the latest bot attacks, Zalewski replied: \u201cQuite simply, they can\u2019t today. The IAM infrastructure of today is just not prepared for this level of sophistication in authentication attacks hitting the help desks.\u201d\u00a0<\/p>\n

Zalewski encourages CISOs to emphasize objectives when carefully thinking through their bot defense strategy.<\/p>\n

\u201cWhat is the bidirectional trust relationship that we want? Is it a live person on the other side of the call, versus, Is it a live person that I trust?\u201d he asks.\u00a0<\/p>\n

Many generative AI\u2013created bots are simply not designed to sound realistically human, Zalewski points out, referring to banking customer service bots as an example. These bots are not supposed to fool anyone into thinking they are human. But attack bots are designed to do just that.<\/p>\n

And that\u2019s another key point. People who are used to interacting with customer service bots may be quick to dismiss the threat because they think bots using perfectly articulate language are easy to identify.<\/p>\n

\u201cBut with the malicious bot attacker,\u201d Zalewski says, \u201cthey deploy an awful lot of effort.\u201d<\/p>\n

Because a lot is riding on tricking you into thinking you are interacting with a human.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"

CISOs may be intimately familiar with the dozens of forms of authentication for privileged areas of their environments, but a very different problem is arising in areas where authentication has traditionally been neither needed nor desired. Domains such as sales call centers or public-facing sites are fast becoming key battlefields over personhood, where AI bots […]<\/p>\n","protected":false},"author":0,"featured_media":284,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-292","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/292"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=292"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/292\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/284"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=292"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=292"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=292"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}