Attack-as-a-service and identity fraud: what should IAM teams do?


(@mr-nhi)

Attack-as-a-Service has turned identity fraud into a supply chain, not a one-off attack. The most important shift is not that attackers have better tools, but that verification bypass has become a repeatable service with sellers, buyers, support, and iteration loops. That is a governance problem because it changes fraud from isolated abuse into an ecosystem that learns from defender behaviour. Practitioners should treat this as a standing control environment, not a periodic incident pattern.

A few things that frame the scale:

  • The ecosystem encompasses 34,965 total users, according to Ultimate Guide to NHIs.
  • Only 5.7% of organisations have full visibility into their service accounts, which shows how often identity programmes still lack the baseline inventory needed to spot abuse early.

A question worth separating out:

Q: How can security teams reduce replayable identity evidence?

A: Reduce reliance on artefacts that can be copied, edited, or replayed, such as static selfies and fixed documents. Add device binding, transaction context, and liveness checks so the proof has to hold up during real interaction. That makes the attacker’s purchased tooling less reusable.

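The answer above recommends device binding and transaction context so that captured evidence cannot be replayed. The following is an added example, not part of the original post: a verifier that issues a single-use challenge and accepts a proof only if it is signed with the enrolled device key over that challenge and the exact transaction. The class and function names, the 60-second lifetime, and the use of a shared HMAC key in place of a hardware-held asymmetric device key are assumptions made to keep it runnable with the standard library.

```python
import hashlib, hmac, json, secrets, time

CHALLENGE_TTL = 60  # seconds a challenge stays valid (assumed value)

def txn_digest(txn):  # canonical hash of the transaction context
    return hashlib.sha256(json.dumps(txn, sort_keys=True).encode()).hexdigest()
def sign(key, nonce, txn):  # device side: proof covers nonce AND transaction
    msg = f"{nonce}|{txn_digest(txn)}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

class Verifier:
    def __init__(self):
        self.device_keys = {}  # device_id -> key enrolled at registration
        self.pending = {}      # nonce -> (device_id, txn digest, expiry)

    def enroll(self, device_id):
        self.device_keys[device_id] = secrets.token_bytes(32)
        return self.device_keys[device_id]

    def challenge(self, device_id, txn, now=None):
        now = time.time() if now is None else now
        nonce = secrets.token_hex(16)
        self.pending[nonce] = (device_id, txn_digest(txn), now + CHALLENGE_TTL)
        return nonce

    def verify(self, device_id, txn, nonce, tag, now=None):
        now = time.time() if now is None else now
        entry = self.pending.pop(nonce, None)  # single use: a replay finds nothing
        if entry is None:
            return "rejected: unknown or reused challenge"
        bound_device, digest, expiry = entry
        if now > expiry:
            return "rejected: challenge expired"
        if bound_device != device_id or digest != txn_digest(txn):
            return "rejected: device or transaction mismatch"
        key = self.device_keys.get(device_id)
        if key is None or not hmac.compare_digest(tag, sign(key, nonce, txn)):
            return "rejected: bad device proof"
        return "accepted"

def demo():  # constructed sample data, not taken from the post
    v = Verifier()
    key = v.enroll("device-A")
    txn = {"action": "payout", "amount": 250, "to": "acct-1"}
    nonce = v.challenge("device-A", txn, now=0)
    tag = sign(key, nonce, txn)
    results = [v.verify("device-A", txn, nonce, tag, now=5)]      # fresh proof
    results.append(v.verify("device-A", txn, nonce, tag, now=6))  # same proof replayed
    n2 = v.challenge("device-A", txn, now=10)
    results.append(v.verify("device-A", dict(txn, to="acct-9"), n2, sign(key, n2, txn), now=11))
    return results
```

A failed attempt also consumes the challenge, so every retry needs a fresh one from the verifier.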