Check Point warns: AI cyberattacks outpacing human defenses

By Francis Allan L. Angelo

Cybercriminals are now using advanced AI to impersonate CEOs, clone voices, and launch real-time deepfake attacks that financial institutions could not have imagined five years ago, according to Ofir Israel, Vice President for Threat Prevention and AI Products at Check Point Software Technologies.

Speaking in an exclusive Q&A with the Daily Guardian, Israel explained how attackers can now generate highly realistic voice phishing—or “vishing”—calls using only seconds of publicly available audio, tricking finance teams into wiring millions of USD with alarming ease.

“Five years ago, a fraudster might have sent a poorly written phishing email,” said Israel. “Today, they can clone a CEO’s voice from a 30-second audio clip and generate a convincing, urgent call to a treasury team employee.”

According to Check Point’s 2025 AI Security Report, attackers are moving from basic offline tools to autonomous, real-time impersonation engines capable of deceiving even trained professionals.

Two recent high-profile deepfake scams in the UK and Canada have already caused over USD 35 million in losses, showing how these threats bypass traditional anti-fraud controls.

“The attack is no longer about technology alone—it is a direct assault on the human layer of a financial institution’s security with an AI-generated mask,” Israel said.

In response, Check Point has developed defensive platforms like ThreatCloud AI, which uses 55 AI-powered engines to analyze over 200 billion indicators daily and automatically block suspicious behavior.

Israel described one recent attack scenario in which an AI-generated phishing email led to a multi-stage intrusion that could have gone undetected without an autonomous defense.

“Human security teams would be overwhelmed by the subtle, AI-generated alerts,” he said. “Our platform instantly detects and isolates deepfake payloads before any financial damage occurs.”

Check Point’s systems continuously update based on global threat intelligence, creating a closed-loop defense cycle that stops attacks across all network layers.

Still, Israel noted that defenders face an uphill battle: “Generative AI has dramatically lowered the barrier to entry for cybercrime. It’s an attacker’s market right now.”

He warned that financial institutions are especially vulnerable because they store high-value digital assets, rely on human trust-based systems, and often run on complex, legacy infrastructure.

“The single most dangerous threat for 2026 is the Adaptive Deepfake Social Engineering Agent,” he said.

This new breed of AI can sustain a full conversation, adjust its tone in real-time, and combine deepfake content with malware delivery in a single, automated package.

To counter these evolving threats, Israel emphasized the need for contextual intelligence and explainable AI that can flag threats without disrupting legitimate transactions.

“Blocking a major customer’s legitimate USD 10 million transfer can cause as much damage as the fraud we’re trying to stop,” he said.

Check Point advocates for a layered approach that introduces security “friction”—such as secondary authentication—before escalating to a full block.

On the policy front, Israel called on government leaders to fund and mandate a shift from reactive to autonomous cyber resilience in national financial systems.

He urged adoption of Critical Information Infrastructure Protection (CIIP) standards that require AI systems to contain threats in seconds, not hours.

He also emphasized the need for international cooperation: “Technology is not enough. Cybercrime is borderless, and AI tools are globally accessible.”

Israel proposed new global rules that include banning AI weaponization, standardizing cross-border response protocols, and requiring digital watermarks on AI-generated content.

For financial CISOs, his message was direct: “Ask your team whether your system can autonomously neutralize a threat before a human even sees it.”

He warned that human-speed responses are no match for machine-speed attacks and that automation is now essential.

Looking ahead, Israel predicted that AI cyber warfare will evolve into a battle of “agentic AI”—with attackers deploying polymorphic malware and defenders using cognitive AI analysts and decoy strategies.

“Every time a defender blocks a new attack, the attacker’s AI instantly evolves,” he said.

Though he sees no final “checkmate,” Israel believes the goal should be resilient continuity, where the cost of attacking always outweighs the benefit.

“The race will not end,” he concluded, “but the defenders who adapt faster—with smarter AI and better intelligence—will win more often than they lose.”