UNMASKING impostors has long challenged the art world, and The Hacker News’ piece draws a striking parallel with defensive cybersecurity, urging defenders to recognise mimicry as a core threat. It recalls Elmyr de Hory, who in the 1960s passed off counterfeit masterworks and whose forgeries slipped past experts for decades, relying on signatures, patterns and provenance.
The article argues that today’s SOCs face a similar Age of Imitation, with cyberattackers using AI to imitate trusted users and blend malicious activity with legitimate network traffic. A key statistic from CrowdStrike’s 2026 Global Threat Report is highlighted: 81% of attacks are malware-free, relying on legitimate tools and techniques and LotL-style methods.
The piece then links these ideas to defensive measures, emphasising that network detection and response (NDR) can expose fakes by watching for behavioural anomalies and inconsistencies in protocols and metadata. It also references Corelight’s Open NDR Platform as a tool to help SOCs detect emerging threats, including those leveraging AI techniques.