Human Digital Twins Could Give Attackers a Dangerous Advantage - Dark Reading
While this emerging impersonation technology offers many benefits, digital twins also have several drawbacks, including use in social engineering attacks.
Arielle Waldman, Features Writer, Dark Reading
July 21, 2025
Human digital twins (HDTs) can provide a safer and less expensive way to study medicine, enhance engineering processes, and identify vulnerabilities. But attackers will also discover the advantages of adopting the rapidly developing technology, warn a pair of researchers.
HDTs are trained on the core patterns of human individuals, from behavioral to psychological traits, and their avatars can mimic how real people look and sound. Reports of threat actors abusing deepfakes are already on the rise, and the threat may only worsen as artificial intelligence (AI) advancements make digital twins even more realistic. This is especially concerning when considering their potential use in social engineering attacks.
HDTs are fundamentally changing how social engineering and influence operations work, according to Dr. Ben Sawyer, associate professor of industrial engineering at the University of Central Florida, and Dr. Matthew Canham, executive director at the Cognitive Security Institute. At next month's Black Hat USA conference in Las Vegas, Sawyer and Canham will expand on how attackers could use HDTs to psychologically manipulate victims.
How Can Attackers Use HDTs?
To clarify, deepfakes and HDTs are not the same, though some overlap exists. Deepfake videos and images are typically generated using multiple videos and images, but an HDT is a virtual clone of a person built using just that person's data. The goal of an HDT is to enable personalized simulation, monitoring, and decision support — so they often operate in real time, unlike deepfakes. HDTs are also predictive. While a deepfake in a virtual meeting may be able to respond to questions, a digital twin would be able to predict what an individual would say or do in that situation and act accordingly.
For example, adversaries can use HDTs of potential victims to develop hyper-individualized attacks and test different types of attacks before ever contacting the real target, explain Sawyer and Canham.
Both cybercriminal and nation-state groups have successfully used deepfakes in their social engineering attacks to steal sensitive information, given how realistic the videos and images appear to the victims. Now employees should also be concerned about how capably HDTs can emulate the behavior of specific individuals, warn Sawyer and Canham. While defenders are working on ways to spot deepfakes, identifying someone in a virtual meeting as a digital twin is even more difficult, if not nearly impossible, they say.
"This allows for completely different attack vectors, for example, human-centric digital twins of systems, where an attacker could profile the staff of an entire organization and find distributed social, experience, and training based, or entirely new types of vulnerabilities," they say. "There is also the world of knowledge elicitation and cognitive digital twins, which replicate the skills of individuals."
Taking Impersonation to a New Level
Another concern is how HDTs pose new risks to individuals due to the sheer volume of sensitive and personal data dumped and available as a result of multiple mega-breaches over the past few years.
"A breach where your Social Security number is stolen is considered 'identity theft,' but can it compare to a breach in which a copy of your voice, mannerisms, and detailed information about your past interactions with others is stolen?" Sawyer and Canham ask.
Unsurprisingly, many people are already using HDTs, the researchers say. One social media influencer, Caryn Marjorie, charges fans a fee to interact with her virtual persona, CarynAI, while NBA star Carmelo Anthony uses an HDT for fan engagement. Marketing influencer Mark Schaefer also built a digital twin dubbed "Markbot," based on his writings, podcasts, and digital mannerisms. Sawyer and Canham even built Scotobot, an HDT of US Supreme Court Chief Justice John Roberts, which they will show off during the Black Hat session.
"Zoom has expressed a desire to build HDTs for all of us, capable of participating in meetings as proxies," they say. "This technology is coming fast."
About the Author
Arielle Waldman
Features Writer, Dark Reading
Arielle spent the last decade working as a reporter, transitioning from human interest stories to covering all things cybersecurity related in 2020. Now, as a features writer for Dark Reading, she delves into the security problems enterprises face daily, hoping to provide context and actionable steps. She looks for stories that go past the initial news to understand where the industry is going. She previously lived in Florida where she wrote for the Tampa Bay Times before returning to Boston where her cybersecurity career took off at SearchSecurity. When she's not writing about cybersecurity, she pursues personal projects that include a mystery novel and poetry collection.