Deepfake technology refers to the use of artificial intelligence to alter media to make one person look and/or sound like someone else. You may have seen the infamous Tom Cruise deepfake videos doing the rounds on social media. But while deepfakes can be used for entertainment, they’re also emerging as a cyber threat.
Why deepfakes are dangerous
Deepfakes can be used to create realistic but false narratives, seemingly originating from trusted sources. This can have scary consequences. These videos can be used to spread disinformation or manipulate people. For example, they can be used to influence people to vote a certain way, or for identity theft. A bad actor could create a fake pornographic photo or image and threaten to share it on social media if the target doesn’t do what they demand. Even though the victim knows it’s not real, there’s no guarantee everyone else will.
Now, apply the same idea in the corporate sphere. Companies can be targeted by bad actors who create fake videos of senior staff doing or saying something that will paint the organisation in a bad (or even criminal) light.
A more mundane example, but just as potentially damaging, is a cybercriminal pretending to be a supplier, client, or partner, to collect a financial reward. This has happened already – in 2019, one voice-only deepfake (where bad actors impersonate someone’s voice using AI) resulted in a CEO making a payment of $ 243,000.00 to someone he thought was a supplier on an instruction that seemed to come from his boss.
Protecting against deepfakes
Software is available to help guard against deepfakes. This uses an AI-based engine to drive programs that identify potentially fake media by analysing a range of factors. For example, in assessing videos, the program will examine everything from light reflections to recurrent convolutional models (spotting inconsistencies between the individual frames that make up a video).
However, this technology is not perfect and is generally developed in reaction to evolving deepfake technologies.
The best safeguard against deepfakes, especially within businesses, is making more people aware of the technology and the risks it poses and training them to spot warning signs (such as a request that seems a little “off”) and how to handle them.
Currently, more than 90% of breaches are due to human error, and we don’t see that changing.
Therefore, businesses must prioritize continuous cybersecurity awareness training to empower their employees with the knowledge and skills needed to defend against deepfakes and other evolving digital threats.
If you want to learn more about how our comprehensive Cyber 365 employee cybersecurity awareness training can fortify your organization, you can either download our detailed features guide or get in touch and let us help you strengthen your cybersecurity posture within your organisation.
