Deepfakes refers to sophisticated forgeries of an image, video or audio recording. Deepfakes have been around for years – you can even find a version of them on social media. For example, with Snapchat, face-changing filters take real-time data and feed it through an algorithm to produce a synthetic image.
But as technology has evolved, deepfakes can now change the media so well that it is often difficult to detect that any manipulation has occurred at all. Through the use of artificial intelligence (AI), deepfakes utilize existing audio and video from an individual – all while continually learning how to produce a more compelling forgery.
Deepfakes have been used to credibly imitate influential politicians. They can even be used to change both real-time or recorded media. Deepfakes are so sophisticated that they can trick the public into thinking that a person has said or done something that they would not normally do. And in the hands of a malicious party, deepfakes can be extremely devastating.
The Risk of Deepfakes for Businesses
By using phishing and "fake president" scams, cybercriminals have long tried to trick companies into giving up. sensitive information. These scams are often carried out with fraudulent e-mail accounts, which in some cases can be easy to detect. But with the help of deep forgeries, cybercriminals now have the power to deceive even the most cautious and perceptive organizations.
Companies, processes and communication are performed online with employees who communicate, collaborate and exchange information digitally ̵
Companies around the world are losing money, reputation and hard-won brand strength due to deep counterfeiting.
With deepfakes, cybercriminals can make a person in a video look and sound like a target company's CEO, trick employees into engaging in money or sharing sensitive data, including compromising measures. Specifically, deepfakes can be used to commit fraud in social technology or to distort public opinion:
- Using deepfakes in social technology fraud – Simply put, social engineering is when a harmful party exploits human behavior to commit a crime. Social technicians can gain access to buildings, computer systems and data simply by using the weakest link in a security system: people. For example, social workers can steal sensitive documents or place key loggers on employees' computers in a bank – all while posing as fire inspectors from a nearby fire department. Social technicians do not need to have expert knowledge of a company's computer network to break into a company – all that is required is for an employee to issue a password or give social technicians access to an area they should not be in. And Because deepfake technology has become Cheaper and more accessible, the ability to trick an employee into performing a malicious act through social technology tactics is so much easier. This is especially true considering how realistic deepfakes can be.
- By using deepfakes to sway public opinion – By deepening a company's CEO or figures, a malicious party can easily spread false or potentially harmful information. Through deepfakes, criminals can get key stakeholders to say or do almost anything. They can make a CEO share false information, say or do socially unacceptable things or try to influence consumer behavior. All of these measures can damage a company's reputation, sometimes irreparably.
Given the potential harm of deepfakes, it is crucial that companies are prepared to protect themselves.
Guarding Against Deepfakes
When it comes to protecting your business from deepfake schemes, consider:
- Employee Training —To protect your organization from deepfakes, employee training is critical. Employees should be educated about deep forgeries, including what they are and how they can be used against the business. Simply by raising awareness of deepfakes, employees will be better equipped to detect them, so that your business can respond quickly and easily.
- Using Detection Software —While AI is used to make deepfakes better and more effective, it can also be used to detect potential deep forgeries. In fact, big companies like Facebook and Microsoft use AI and similar software to detect and remove deep fake videos from their platforms. When it comes to deepfakes, the sooner you discover one, the better. This allows you to act quickly to reduce potential damage.
- Establishing a Response Strategy —If and when your organization is the target of a deep-rooted attack, it is important to have a response strategy in place. Such a strategy should be centered around crisis reduction. This includes a description of individual responsibilities, determination of escalation methods and communication of best practices.
New and emerging technologies for social technology such as deepfakes fundamentally change the cyber threat landscape and become both technically feasible and economically feasible for criminal organizations of all sizes. Contact CoverLink Insurance today for more information on cyber exposures and protecting your business with cyber insurance.