Friday , March 29, 2024

Security Notes: Red Alert: False Cyber Identities Are Beating Our Defenses

Individual hackers, organized cyber criminals, and spying nations are all part of a colossal drive to exploit recent developments in artificial intelligence. Why? To create an alternative universe populated by fake characters that are indistinguishable from real human beings with a real name, a real face, and a real bank account.

It’s cyber gone amok, yet no one stands up to say, “We are losing this war. We lack the capacity to winnow the real people from their cyber look alikes.” We are way beyond criminals stealing identities. We are into the realm of making up identities. Artificial intelligence can draw a decent-looking man or woman, animate them, let them speak, and Zoom-converse with them, giving no clues to the other party to discern reality versus fake.

Cyber essentially is a stream of bits that can be copied and manipulated so that observers get the intended impression regardless of reality. This is so scary that we tend to dismiss it as hype or science fiction. It is neither. It is real and it is here.

And the payment industry is a prime target. Legacy payments are based on the network’s ability to ascertain who the payer and the payee are. But the technology of fake-ID is  piercing this modality.

Cryptocurrencies are based on a count of participants. Alas, a single person building myriad network nodes can count as many and manipulate prices and confuse transactional dynamics. This used to be limited to a few swindlers who kept selling to fake buyers things like exotic artwork, and then kept fake-selling it back and forth to bump up the price to ridiculous heights.

Today, new fake-identity swindling routes pop up with great creative force. We at BitMint are at a loss even to enumerate them. The combination of made-up identities and false identifies, manipulated with a big dose of unethical imagination, is a threat that does not even have a name yet.

Cyber-anchored countermeasures have been outmanuevered. I don’t see leaders who admit we need to anchor cyberspace in material space. We need to develop “cyber chemistry” and put up central identifiers (CI). These are agents who will use physical proximity, and biometrics, to record and establish identities. We need to use such anchors to write core identity information off the digital grid.

Bits are hackable. Chemistry is not. We advocate for material-cyber tie-in solutions to decontaminate cyberspace of human lookalikes. This is a mindset that leads to simple actions such as insisting on mailed monthly reports from your bank. You may need these hard copies if you are a victim of fraud. A client thanked me for this advice, because when the reports did not arrive, though the bank said they were sent, it turned out that a hacker had changed the mailing address so the account owner would not see how his account was drained.

So many of us look infrequently into our accounts online.  Indeed, if you leave an account unchecked and without movement, you invite a thief who will then prove his false identity by knowing the account’s recent history—which you don’t.  Recovery might be tricky.

Convenience looms as a blinding force. Cyber is so much easier than physical that we suppress security alerts, ignore doomsday warnings, and inch toward an ever-increasing vulnerability to cyber-fake technology—a vulnerability that is tantalizing in its creative power.

Its fascination overwhelms us. My late mother once moved, and winked at me, from the screen, as if we were Zoom-conversing for real. This is a threat that requires fundamental evaluation, and not a moment too soon.

—Gideon Samid, gideon@bitmint.com

Check Also

Buying Groups Might—or Might Not—Give Merchants More Negotiating Power with the Card Networks

Card-acceptance costs and network rules weren’t the only subjects covered by the sweeping settlement revealed …

Digital Transactions