The digital transformation has led to significant advancements in authentication and identity verification technologies and other cyber defenses.
From biometrics to multi-factor authentication (MFA) to use of Artificial Intelligence (AI) enhanced detection and response tools, these systems are the first line of critical defense against unauthorized access in critical sectors such as finance, healthcare, manufacturing and government. However, with the rapid development of Multi-Modal AI and agentic AI, a new challenge has emerged—one that may compromise the very systems designed to protect us. By integrating multiple forms of data (e.g., voice, video, text) in multi-modal AI and use of agentic AI (automated decision-making with little or no human intervention), malicious actors are increasingly capable of bypassing authentication and identity verification security and other defenses, thereby posing a new level of cybersecurity threat. The rapid deployment of AI integrated into a wide variety of commercial products, platforms and workflows has dramatically expanded the potential attack surface.
Indeed, on November 13, 2025, Anthropic reported how its AI-powered Claude Code tool was leveraged for a fully automated sophisticated attack targeting large technology companies, financial institutions, manufacturing and government agencies: “We believe this is the first documented case of a large-scale cyberattack executed without substantial human intervention.” Similarly, researchers recently reported the discovery of a strain of ransomware that used large language models to autonomously implement ransomware attacks by generating malicious code in real time. We have previously highlighted in our blogs the escalating threats to employees from DeepFake technologies and AI-augmented phishing attacks.
What is Multi-Modal AI?
Multi-modal AI refers to systems that can process and combine information from diverse sources to understand and respond to inputs in ways that are more holistic and human-like. For example, rather than relying on just one modality, such as voice recognition or facial recognition, multi-modal systems can integrate text, video, and other sensory data for improved accuracy and flexibility. While these advancements offer immense potential in fields like healthcare and customer service, they also raise serious concerns when leveraged maliciously.
As more organizations implement biometric authentication, such as facial recognition and voice biometrics, multi-modal AI offers attackers a new arsenal for bypassing these security measures. By synthesizing data from multiple sources—such as voice recordings, photos, and even social media interactions—an attacker can create a comprehensive digital identity profile that closely mirrors the real thing. This new breed of attack can go beyond traditional hacking methods, using AI to trick systems that once seemed impenetrable.
What is Agentic AI?
Agentic AI generally refers to artificial intelligence systems that are capable of operating and developing autonomously and independently with little or no human oversight. Agentic AI may be integrated into systems through Application Programming Interfaces (APIs). Gartner reports that “[b]y 2028, 33% of enterprise software applications will include agentic AI, up from less than 1% in 2024, enabling 15% of day-to-day work decisions to be made autonomously.”
The AI-Powered Deepfake Threat
One immediate concern is the rise of AI-driven deepfakes. Deepfakes—hyper-realistic media created through AI that can mimic someone's appearance, voice, and behavior—have already made waves in the world of media and politics. However, these technologies are increasingly being adapted for malicious purposes, particularly in the realm of identity fraud.
An attacker could use multi-modal AI to create a convincing deepfake that mimics not just one, but several facets of an individual’s identity. For instance, by combining a victim’s facial data and voice samples with text-based information (like emails or social media posts), an AI could generate an extremely accurate imitation of the individual. This synthetic identity could then be used to bypass security systems, such as voice-activated banking systems, facial recognition used for mobile authentication, or even online verification processes employed by financial institutions.
As noted by the Center for Cybersecurity Policy and Law, deepfakes and other AI-powered impersonation techniques are particularly dangerous in financial services. Systems that rely on voice recognition or facial biometrics are becoming increasingly vulnerable to attacks that could potentially manipulate the very data they rely on for authentication. As acknowledged by the U.S. Treasury, AI has the capability to mimic biometrics (such as photos/video of a customer or the customer’s voice). As discussed further below, this capability is a growing concern, especially in the context of digital identities in the financial sector, where the consequences of breaches could be severe.
Erosion of Trust in Biometric Authentication
Biometric authentication, once hailed as a more secure alternative to traditional passwords, is being challenged by the rapid advancements in AI. Unlike passwords, which can be changed if compromised, biometric traits—such as fingerprints or facial features—are permanent and unique. Once an individual's biometric data is compromised, it cannot be reset or changed.
As AI technologies become more adept at replicating biometric traits, attackers are finding it easier to spoof security systems that were once considered highly reliable. The sophistication of multi-modal AI means that attackers no longer need access to a single biometric data point; they can instead leverage a combination of video, audio, and textual information to create a full profile of a target. This makes traditional authentication methods increasingly vulnerable, especially in high-risk sectors like banking and government services, where security is paramount.
Implications for Financial Services
In financial services, the stakes are particularly high. As digital identities become more integrated into online banking, digital wallets, and payment systems, the attack surface for malicious actors expands significantly. Multi-modal AI allows cybercriminals to craft more convincing and nuanced impersonations of customers or employees, potentially leading to financial fraud, data breaches, or even systemic risks. This poses a grave challenge for financial institutions, which must find ways to bolster the security of their identity verification systems while also maintaining a seamless user experience.
Accordingly, use of multi-modal AI in financial services could lead to a significant erosion of trust in digital identity systems. If individuals and organizations can no longer trust that their biometric data is safe, they may hesitate to adopt or fully integrate these technologies, potentially disrupting the growth of digital economies.
The Risks of Agentic AI
The Anthropic report highlights the significant escalation in AI attacks: “This campaign demonstrated unprecedented integration and autonomy of AI throughout the attack lifecycle, with the threat actor manipulating Claude Code to support reconnaissance, vulnerability discovery, exploitation, lateral movement, credential harvesting, data analysis, and exfiltration operations largely autonomously. The human operator tasked instances of Claude Code to operate in groups as autonomous penetration testing orchestrators and agents, with the threat actor able to leverage AI to execute 80-90% of tactical operations independently at physically impossible request rates.” The risks to the wider business community are clear, as highlighted by the attack recently featured on the front page of the Wall Street Journal.
Mitigating the Risk of Multi-Modal AI and Agentic AI
Cybersecurity compliance (including under HIPAA, the Gramm-Leach-Bliley Act, the FTC Safeguards Rule, and state laws such as the NY SHIELD Act, NYSDFS Cybersecurity Regulation, and Illinois Personal Information Protection Act) requires organizations to consider the risks from emerging cybersecurity threats and to implement reasonable risk-based safeguards. As the above discussion indicates, these threats are not hypothetical, and as the threat landscape evolves, the need for more robust authentication and defensive systems becomes increasingly urgent. Organizations must look beyond traditional authentication methods and adopt multi-layered strategies to defend against AI-powered attacks. Some key strategies to mitigate the risks posed by multi-modal AI and Agentic AI include:
- AI Governance: Maintain an AI System governance, compliance and internal audit program that conducts risk assessments and considers the cyber threats in connection with the use of AI, including addressing threats highlighted by the Open Worldwide Application Security Project (OWASP) (such as Agentic AI, LLMs) and the National Institute of Standards and Technology (NIST).
- Multi-Factor Authentication: Combining several forms of authentication—such as biometrics, passwords, and device-based security—can provide a much stronger defense against AI-driven attacks. Adding multiple layers of protection significantly complicates the process for attackers trying to spoof a user's identity.
- Behavioral Biometrics: Moving beyond static biometrics, such as fingerprints or facial recognition, behavioral biometrics monitors user behavior patterns, such as how they type or interact with a device. These dynamic identifiers are much harder to replicate, making them a useful complement to traditional biometric systems.
- Continuous Authentication: Instead of relying on a one-time authentication process, continuous authentication tracks user behavior in real time. By monitoring factors like typing speed, mouse movements, or even voice inflections during a session, systems can detect anomalies that indicate fraud.
- AI Detection Tools: As deepfakes become more sophisticated, financial institutions and other organizations can invest in AI systems designed to detect synthetic media. These tools can identify inconsistencies or abnormalities in audio, video, and text data that are often present in AI-generated content.
- User Education and Awareness: Organizations must educate their users on the potential risks of multi-modal AI, especially as it relates to identity theft and fraud. Awareness programs can help users recognize phishing attempts and other forms of social engineering that exploit AI-driven impersonations.
- Secure APIs: Inventory and protect APIs.
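To make the behavioral biometrics and continuous authentication items above concrete, the following added example (written for illustration, not taken from any product or from the sources cited here) re-scores a session on every keystroke against an enrolled typing-rhythm baseline and asks for step-up authentication when the rhythm drifts. The names `enroll`, `SessionMonitor` and `run`, the window size, the thresholds and all sample timings are assumptions constructed for the example.

```python
import statistics
from collections import deque

def enroll(intervals_ms):
    """Baseline from inter-key intervals (ms) captured at enrollment."""
    # Floor the spread so a perfectly uniform sample cannot divide by zero.
    return {"mean": statistics.fmean(intervals_ms),
            "stdev": max(statistics.stdev(intervals_ms), 1.0)}

class SessionMonitor:
    """Re-scores the session on every keystroke, not only at login."""
    def __init__(self, profile, window=10, z_limit=3.0, strikes=2):
        self.profile = profile
        self.buf = deque(maxlen=window)   # sliding window of recent intervals
        self.z_limit = z_limit            # assumed alert threshold
        self.strikes_needed = strikes     # consecutive anomalous windows required
        self.strikes = 0

    def observe(self, interval_ms):
        self.buf.append(interval_ms)
        if len(self.buf) < self.buf.maxlen:
            return "warming_up"
        # z-score of the window mean against the baseline (standard error).
        std_err = self.profile["stdev"] / len(self.buf) ** 0.5
        z = (statistics.fmean(self.buf) - self.profile["mean"]) / std_err
        self.strikes = self.strikes + 1 if abs(z) > self.z_limit else 0
        return "step_up" if self.strikes >= self.strikes_needed else "ok"

def run(profile, stream):
    """Feed a whole stream through a fresh monitor; return each decision."""
    monitor = SessionMonitor(profile)
    return [monitor.observe(x) for x in stream]

# Constructed sample data (milliseconds between keystrokes).
ENROLLED = [180, 210, 195, 220, 170, 205, 190, 215, 185, 200, 230, 175]
OWNER = [190, 205, 185, 210, 200, 195, 215, 180, 200, 190, 205, 195]
# Same session start, then uniform 40 ms input, as automated entry would produce.
TAKEOVER = OWNER[:10] + [40] * 6

if __name__ == "__main__":
    profile = enroll(ENROLLED)
    print("owner session ends:", run(profile, OWNER)[-1])
    print("takeover flagged at keystroke:", run(profile, TAKEOVER).index("step_up"))
```

Requiring two consecutive anomalous windows trades a short detection delay for fewer false prompts to the legitimate user; a production system would combine several signals rather than typing rhythm alone.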
Conclusion
The rapid development of multi-modal AI and agentic AI represents both an opportunity and a threat in the world of cybersecurity. While these technologies offer exciting advancements in fields like customer service, healthcare, manufacturing and finance, they also present a new class of risks—particularly in the realm of authentication and identity verification, ransomware and data theft. As cybercriminals become more adept at leveraging AI to bypass security systems, it is crucial that organizations and individuals adopt a multi-faceted approach to digital identity security. With the right safeguards in place, the promise of AI can be harnessed while mitigating its associated risks.