PwC's "Cyber threats in motion" report warns that AI is giving attackers added sophistication, speed, and scale, but identity remains the fulcrum of entry, according to SecurityWeek.Infostealer logs feed initial access brokers who sell identities to criminals, while AI enables convincing phishing, impersonation, and deepfake social engineering. Allison Wikoff, PwC's global threat intelligence leader for the Americas, said identity compromise has effectively become a supply chain where attackers mix buying and generating access based on efficiency.AI is now used to automate reconnaissance, accelerate malware development, and scale social engineering across languages, though fully autonomous agentic attacks are not yet widespread. Wikoff noted some threat actors haven't changed their tactics in nearly a decade because traditional phishing and credential theft remain highly effective, and many organizations still grapple with basic security.The report urges organizations to define systems, data, and identities whose compromise would have the greatest impact and align defenses accordingly. Different attackers have different motivations: Russia-based actors blend cyber and influence operations, while China-based actors sustain persistent access in critical infrastructure.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds





