IT departments should implement real-time audio and video verification capabilities, passive detection techniques, and better protection of high-priority officers and their communications to defend against AI-generated deepfake messaging, say American cyber intelligence agencies.<\/p>\n
\u201cThe tools and techniques for manipulating authentic multimedia are not new, but the ease and scale with which cyber actors are using these techniques are. This creates a new set of challenges to national security,\u201d said Candice Rockell Gerstner, a specialist in multimedia forensics at the U.S. National Security Agency (NSA). \u201cOrganizations and their employees need to learn to recognize deepfake tradecraft and techniques and have a plan in place to respond and minimize impact if they come under attack.\u201d<\/p>\n
In a report<\/a> issued Tuesday by the NSA, the FBI and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) say there are currently limited indications of significant use of synthetic media techniques by malicious state-sponsored actors. However, they warn the increasing availability and efficiency of synthetic media techniques available to less capable malicious cyber actors means deepfake content will likely increase in frequency and sophistication.<\/p>\n The term \u201cdeepfake\u201d refers to multimedia that has either been synthetically created or manipulated using some form of machine or deep learning (artificial intelligence) technology.<\/p>\n Related content: The future of cybersecurity is AI and deepfakes<\/strong><\/a><\/p>\n Employees may be vulnerable to deepfake tradecraft and techniques, which may include fake online accounts used in social engineering attempts, fraudulent text and voice messages used to avoid technical defenses, faked videos used to spread disinformation, and other techniques, the report says.<\/p>\n Malicious actors may use deepfakes with manipulated audio and video to try to impersonate an organization\u2019s executive officers and other high-ranking personnel for, among other things, convincing employees to shift funds to bank accounts controlled by crooks. Or to disrupt an organization’s reputation or share price.<\/p>\n Related content: Deepfakes fueling online anarchy<\/strong><\/a><\/p>\n There was a huge increase in deepfake images for LinkedIn profile pictures last year, the report notes. In 2019, deepfake audio was used to steal the equivalent of US$243,000 from a U.K. company. And in May an AI-generated scene depicting an explosion near the Pentagon caused “general confusion and turmoil on the stock market,” the report adds.<\/p>\n The report says organizations should — use tools that look for compression artifacts, as well as those that can verify reflections and shadows, in video communications;<\/p>\n — consider using open source tools found on GitHub, like Nvidia’s StyleGAN3 Synthetic Image Detection<\/a>;<\/p>\n — look for physical properties in videos that would not be possible, such as feet not — protect company-created media like promotional or training videos from being copied using tools like watermarks. Organizations should also partner with media, social media, career networking, and similar companies in order to learn more how these companies are preserving the provenance of online content;<\/p>\n — train employees how to spot deepfake audio and video content. Training resources specific to deepfakes include the SANS Institute’s blog \u201cLearn a New Survival Skill: Spotting Deepfakes;\u201d<\/a> and MIT Media Lab’s blog \u201cDetect DeepFakes: How to counteract information<\/a> The post How to defend your organization against deepfake content<\/a> first appeared on IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":" Advice from the FBI, NSA and CISA on spotting and preventing your firm from being victimized by deepfake audio<\/p>\n","protected":false},"author":17,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[21,16],"tags":[391,396,393,275],"class_list":["post-41338","post","type-post","status-publish","format-standard","hentry","category-emerging-tech","category-security","tag-di","tag-postmedia","tag-security-strategies","tag-top-story"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/41338","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=41338"}],"version-history":[{"count":1,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/41338\/revisions"}],"predecessor-version":[{"id":41339,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/41338\/revisions\/41339"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=41338"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=41338"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=41338"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\n— implement identity verification capable of operating during real-time communications. This can include testing to prove an image is live, mandatory multi-factor authentication using a unique or one-time generated password or PIN for logging into video calls, and using known personal details, or biometrics, to ensure those entering sensitive communication channels or activities are able to prove their identity;<\/p>\n
\ntouching the ground;<\/p>\n
\ncreated by AI\u201d.<\/a><\/p>\n