Humanix today revealed it has developed a conversational artificial intelligence (AI) capability that detects violations of established IT support workflows to thwart social engineering attacks being made against help desks.

Company CEO Keith Stewart said in the wake of a series of high-profile social engineering attacks conducted by cybercriminal syndicates such as ShinyHunters have convinced IT teams to provide them with credentials and passwords under false pretenses, it’s clear there is a need to detect these attacks in real time.

The Humanix platform now makes it possible to detect and respond to these attacks by monitoring voice, chat, email, and ticket interactions. The overall goal is to leverage conversational AI to provide visibility into interactions that are outside normal workflows before sensitive credentials are shared with malicious actors, said Stewart.

Cybercriminals are now studying the identity verification processes that organizations have put in place as safeguards to prevent fraudulent access. Those processes, however, break down when cybercriminals use social engineering techniques to create an artificial crisis, he noted.

Most IT personnel are inclined to provide as much assistance as possible in these situations, which too often results in a significant security breach later on. In fact, Clorox is suing Cognizant because the IT services provider allegedly gave passwords to cybercriminals who posed as Clorox employees.

Unfortunately, success only begets more attacks as cybercriminal syndicates increasingly industrialize their efforts to launch these types of attacks at increasingly higher levels of scale, noted Stewart. No amount of training, however, is going to thwart these types of attacks because humans are generally inclined to trust other people, he added. It’s just human nature to want to assist in a time of apparent crisis so the only alternative is to leverage AI to identify social engineering attacks in progress, he said.

It’s not clear how rampant social engineering attacks against help desks have become, but in the wake of a spate of recent breaches, many IT teams are, hopefully, more aware of the tactics and techniques being used to gain unauthorized access to applications and services. The challenge is recognizing that these types of attacks are actually aimed at people and processes rather than platforms, added Stewart.

Each IT team will need to determine what additional levels of security might be required, but there is nothing quite as galling as a breach that occurred because a password was simply handed out, especially if an organization has invested millions in cybersecurity. Rather than blaming the victim, however, organizations would be better served by spending time understanding how a flawed process was exploited, said Stewart.

In the meantime, IT teams that have been victimized by these attacks can take some cold comfort in the fact that these breaches have become a lot more common, which suggests that the processes in place to prevent these types of incidents may not be as nearly locked down as everyone seems to think.