How Hackers and Art Forgers Perfect the Art of Deception
How Hackers and Art Forgers Perfect the Art of Deception
https://thehackernews.com/2026/03/masters-of-imitation-how-hackers-and.html
Publish Date: 2026-03-26 07:58:00
Source Domain: thehackernews.com
Unmasking impostors is something the art world has faced for decades, and there are valuable lessons from the works of Elmyr de Hory that can apply to the world of defensive cybersecurity. During the 1960s, de Hory gained infamy as a premier forger, passing off counterfeit masterworks of Picasso, Matisse, and Renoir to unsuspecting collectors and renowned museums. Over the next several decades, more than a thousand of his works slipped past experts who relied on trusted signatures, familiar patterns, and reputable provenance.
It’s not unlike the challenges SOCs are facing now. We’re firmly in the Age of Imitation. Cyberattackers, equipped with AI, are mastering the art of imitating the familiar, posing as trusted users and masking their activity within legitimate processes and ordinary network traffic. As history shows, it’s often easier to identify impostors when you know what to look for.
Key takeaways for defenders:
- Mimicry is the new normal: 81% of attacks are malware-free
- Agentic AI is helping attackers hide more effectively within innocent network traffic and behaviors
- Layered defense now requires more layers to extend protection across software supply chains and federated identities
- NDR enhances visibility to detect and neutralize “fakes”
The rise of mimicry in modern attacks
Just as de Hory reused old canvases and pigments to make his paintings appear more authentic, attackers employ similar methods in the digital realm, leveraging trusted tools and credentials to make their malicious activity blend in. And while mimicry-based techniques have long been a staple of the attacker’s playbook, over the past couple of years, they have gotten more sophisticated. Living-off-the-Land (LotL) attacks and AI-augmented attack tooling have raised the bar for fakery. CrowdStrike’s 2026 Global Threat Report states that 81% of attacks are now malware-free, relying instead on legitimate tools and techniques, which is the hallmark of LotL tactics….
