Federal investigators have their hands full uncovering all the fraudulent schemes that cost the government billions of dollars each year. Image-based, AI-powered fraud can have all sorts of negative consequences. Federal News Network's Eric White spoke with Jordan Burris, vice president and head of public sector strategy at Socure, to learn more about it and how to stop it. Tom Temin and Federal Drive.
Jordan Burris What we have seen in recent years is a continued increase in the prevalence of sophisticated attacks, particularly against our nation's identity infrastructure. right. So, you know, I recognize that a lot of the actions by the government and even Congress are things that they've been talking about for quite some time. allocation. I am one of them and am happy to see them starting to take action in this area.
Eric White What are some of these AI-powered plans? Are ergonomics involved, or is it just a bunch of code following another line of code?
Jordan Burris right. So I'd like to say we're in a Terminator-like place where the AI is just thinking for itself, but generally these are things that are ultimately set in motion based on individual behavior. is. . right. So what we're seeing is AI being used at scale to keep thinking and accelerating activities that were once manual and boring. This can include everything from generating false personas and identities to creating images that enable impersonation. In particular, this is a way for governments to scramble and create PII and send it to websites, for example to benefit people who use particularly weak controls. It could be something to take and find out. So think of it as a tool. And unfortunately, when it comes to state actors and criminal organizations, they're doing what they've done historically, and expanding it more than ever before.
Eric White Yeah. Is this a system failure or is there also human error involved? Because personally, I can usually tell without talking to the actual person.
Jordan Burris Well, it's always very interesting. And so too when we, as a society, make the decision to kind of embrace digital as our primary channel for interaction. right. And we especially did this as consumers. right. Because it was easier and more seamless for us. We have eliminated some of the interactions that used to take place in person. Okay. Therefore, you always have to go to the bank or go to the local grocery store, sometimes even to partake in goods and services. This was especially true in government. Now, I'm not going to argue, “Let's go back to doing things very manually because we're not really getting anything done.” I'm really terrible at running errands around the house in some cases. But even if you do away with it, you'll still rely on some of the processes that were in place at the time. right. The only thing that depends on whether it's a government-issued document is if you keep things like social security numbers and pretend like they haven't been exposed or leaked for some reason. Data breach in any way, shape, form or other element of our PII. As a result, many of the preventive measures that have been historically put in place have not evolved. right. And that makes us even more susceptible. Now, I always tell people to look back and look at the pandemic not just as a thing, but as a turning point, a turning point in what happens in the digital ecosystem. It's the kind of place where we saw a lot of these controls start to break down or start to become more prevalent and understand the challenges that we were going to face. right. And this has led to billions of dollars and fraud across many sectors, including this sector today.
Eric White I'm talking with Jordan Burris. He is head of public sector strategy at his Socure. So let's talk about controlling him and what he can do to thwart new plans that keep popping up. Do we need to evolve the controls we already have in place, or do we need to introduce some new technology?
Jordan Burris So, first and foremost, I think we need a shift in mindset. Everyone who is here for this conversation, right? I would say that a lot of what this government and other governments have done is an approach to this problem. Because the idea was always that if we could raise money right away, or if we could raise money, then the user on the other side of the screen could ultimately benefit. is. Well, it's wrong in every way, shape or form that you can get that money back. Well, that continues to be proven over time. Getting this money back is not easy. In fact, governments regularly report large sums of money issued to individuals, even as they step up what amounts to law enforcement efforts to recover them. It has been. They can only get by on a fraction of the money. Of those funds. So we're changing that mindset away from chasing. The next step is to take precautions and see what you can do in advance. Part of the discussion right now is that by tightening up security too much or doing too much upfront, we're unfortunately putting an unreasonable burden on the public when it comes to interacting and engaging with digital systems. was. right? How many times do you really want to be asked to take a photo of your driver's license, or take other types of steps, or turn yourself in, or call the police to prove you're right? . It's a call center, right? That would be too much of a burden. In reality, it doesn't even have to be that way, right? In some cases, this is even a shift in legacy thinking that is no different than when we were talking about moving technology platforms from on-premises to the cloud. In fact, we have had to rethink what it means to reimagine technology solutions. We need to understand what prevention means at scale, and how individuals should passively take precautions, introducing these more burdensome checks and friction points only when absolutely necessary, to ensure that the person is safe. We need to rethink how we can actually assess the risks of verifying who someone is. . right. And it becomes a kind of new science, a new art, with the ability to prove one's identity. And you know, a lot of what the administration is starting to ask for is understanding. We need to take these additional precautions immediately.
Eric White Yeah, just being able to identify pictures with bikes in them over and over again, Jordan, you get a little flustered after a while. You know, it's a zero-sum his game for the hacker himself, right? Because these tools not only made it cheaper, but as you said, it also reduced the cost over time. So even if you only get a fraction of what you got from ransomware or whatever, it's all good, right?
Jordan Burris absolutely. And the interesting thing about them, of course, is that they're using this to get back into their criminal enterprise, especially in order to continue to expand their services. right. No, they are not doing this alone. They share insights with each other. right. They want to understand how certain solutions, systems and services happen, how they are delivered, how porous and effective they are, and how all those who wish to participate in such schemes We discuss how people can actually engage in stealing benefits. especially. right? That is, they are highly networked. Over time, they become more and more sophisticated. You're right, the cost goes down and so does the ability to execute the attack. So now more than ever we need to think about what we can stack up on in advance to basically fight back. Fight back using the same tools used to circumvent existing online services.
Copyright © 2024 Federal News Network. All rights reserved. This website is not directed to users within the European Economic Area.
