AI Agents to Halve Account Exploitation Time by 2027 Predicts Gartner
Gartner forecasts AI agents will automate credential theft and compromise authentication channels, cutting account exploitation time in half by 2027.
By 2027, AI agents will reduce the time it takes to exploit account exposures by 50%, according to Gartner, Inc. This alarming prediction highlights the growing threat of automated cyberattacks leveraging weak authentication methods.
The Rise of Automated Account Takeovers
Account takeover (ATO) remains a persistent attack vector due to weak authentication credentials like passwords, which are often gathered through data breaches, phishing, social engineering, and malware. Jeremy D'Hoinne, VP Analyst at Gartner, explains, "Attackers then leverage bots to automate login attempts across various services, hoping credentials have been reused."
AI agents will further automate ATO steps, from deepfake-based social engineering to end-to-end credential abuse. This automation will make attacks faster and more scalable.
Industry Response and Defense Strategies
In response, vendors are expected to introduce products for web, app, API, and voice channels to detect and monitor AI agent interactions. Akif Khan, VP Analyst at Gartner, advises, "Security leaders should expedite the move toward passwordless, phishing-resistant MFA. For customer use cases, educate and incentivize users to migrate from passwords to multidevice passkeys."
The Growing Threat of Social Engineering
Gartner also predicts that by 2028, 40% of social engineering attacks will target executives and the broader workforce. Attackers are combining traditional tactics with counterfeit reality techniques like deepfake audio and video to deceive employees during calls.
While few high-profile cases have been reported, these incidents have resulted in significant financial losses. Detecting deepfakes remains challenging, especially in real-time communications across diverse platforms.
Organizational Preparedness
Manuel Acosta, Sr. Director Analyst at Gartner, emphasizes, "Organizations must adapt procedures and workflows to resist attacks leveraging counterfeit reality techniques. Educating employees about social engineering with deepfakes is critical."
Key Takeaways:
- AI agents will automate 50% of account exploitation by 2027.
- Social engineering attacks are evolving with deepfake technology.
- Organizations must prioritize phishing-resistant MFA and employee education.
Related News
Zscaler CAIO on securing AI agents and blending rule-based with generative models
Claudionor Coelho Jr, Chief AI Officer at Zscaler, discusses AI's rapid evolution, cybersecurity challenges, and combining rule-based reasoning with generative models for enterprise transformation.
Lenovo Wins Frost Sullivan 2025 Asia-Pacific AI Services Leadership Award
Lenovo earns Frost Sullivan's 2025 Asia-Pacific AI Services Customer Value Leadership Recognition for its value-driven innovation and real-world AI impact.
About the Author
Michael Rodriguez
AI Technology Journalist
Veteran technology journalist with 12 years of focus on AI industry reporting. Former AI section editor at TechCrunch, now freelance writer contributing in-depth AI industry analysis to renowned media outlets like Wired and The Verge. Has keen insights into AI startups and emerging technology trends.