The scale at which deepfakes can cause financial harm, reputational damage and data breaches shouldn’t be underestimated. Here’s how organizations can prevent these AI-generated attacks.
By Matt Miller
Artificial intelligence (AI) has transformed the way we live and work, offering immense potential for innovation and progress. However, as with any technology, AI also has its drawbacks. For example, deepfakes — AI-generated synthetic media — have rapidly gained popularity among cybercriminals as a potent tool for cyberattacks. Specifically, deepfakes manipulate information; fabricate audio, video, and images; deceive individuals; and exploit vulnerabilities within an organization.
What’s more, cybercriminals have found various ways to use deepfakes as part of their existing cyberattack strategies to make them more credible. These strategies include:
- Business email compromise scams: This involves impersonating high-ranking executives or business partners to deceive employees into transferring funds or sharing sensitive information. Deepfakes make these scams even more convincing, as cybercriminals can manipulate audio or video to mimic the voice and appearance of the targeted individual.
- Insider threats: This is a cybersecurity risk that comes from within the organization — and can be intentional or unintentional. Since deepfakes can be used to create fake videos or audio recordings of employees, cybercriminals can use blackmail or manipulation tactics to gain unauthorized access to sensitive information or compromise the integrity of a business or financial entity.
- Market manipulation: Deepfakes can also spread false information or manipulate stock prices. By creating realistic videos or audio recordings of influential figures, cybercriminals can create panic or generate hype, causing significant fluctuations in the market. This can then lead to investors making uninformed decisions and suffering financial losses.
The consequences of these attacks can be severe for organizations, ranging from substantial financial losses to reputational damage. Therefore, it’s no surprise that a May 2024 KPMG survey found that 76% of security leaders are concerned about the increasing sophistication of these new cyberthreats and attacks. This is why it’s crucial for chief information security officers to have conversations with senior decision makers to ensure cybersecurity budgets account for the costs associated with implementing new processes, tools, and strategies.
Of course, once sufficient funding has been acquired, there are several actions organizations should take to address the threat posed by deepfakes. Here are five of them.
1. Develop a strong cybersecurity culture
It’s important for organizations to educate employees about deepfakes, including their potential risks and how to identify them. By training employees to be cautious when interacting with media content, for example, businesses can reduce the likelihood of falling victim to deepfake attacks. Additionally, implementing robust authentication measures to ensure that only authorized individuals have access to sensitive information or systems is critical. This can involve using multifactor authentication and biometrics to strengthen security.
2. Leverage a zero-trust approach
This approach provides a comprehensive framework for mitigating deepfake cyberattacks by prioritizing strong authentication, access control, continuous monitoring, segmentation, and data protection. Organizations can implement granular access controls, allowing them to restrict access to specific resources based on user roles, privileges, and other contextual factors. Doing so helps prevent unauthorized users from gaining access to critical systems and data that could be used to propagate deepfakes.
Furthermore, zero trust encourages continuous monitoring of user behavior and network activity and promotes network segmentation and isolation. By actively monitoring for suspicious behavior or anomalies, organizations can detect and respond to potential attacks in real time, minimizing the damage caused. By separating critical systems and data from less secure areas, organizations can limit the spread of deepfake content and prevent it from infiltrating sensitive areas. Additionally, zero trust protects data at all stages, including data in transit and at rest. By implementing strong encryption and data protection measures, organizations can safeguard their data from being manipulated or tampered with to create deepfakes.
3. Proactively employ advanced monitoring and detection technologies
Employing advanced monitoring and detection technologies, like AI-based tools and algorithms, can help businesses identify anomalies in audio, video, or image files that may indicate the presence of deepfakes. In fact, according to the recent KPMG survey, 50% of cybersecurity leaders are already using AI and advanced analytics to predict potential threats. Other proactive measures can include collaborating and sharing information with regulatory agencies to leverage their expertise and resources, which are critical for the development of effective policies.
4. Develop an incident response plan
This plan should specifically outline the steps to take if a deepfake attack occurs, including communication protocols, legal considerations, and technical countermeasures.
5. Regular organization-wide system updates and patches
This step is crucial to maintaining a strong defense against deepfakes. Keeping all software, applications, and systems up to date with the latest security patches helps protect against known vulnerabilities that could be exploited by cybercriminals.
As AI technology continues to advance, so too will the capabilities of deepfakes. Organizations need to be vigilant by collaborating with cybersecurity experts, researchers, and law enforcement agencies to stay updated on the latest deepfake techniques and countermeasures. By staying informed, implementing best practices, and leveraging the power of AI for defense, organizations can mitigate the risks posed by deepfake attacks and safeguard their operations, reputation, and stakeholders’ trust.
Matt Miller is the principal of cybersecurity services at KPMG. This article was modified with permission from The Georgia Society of CPAs.
Reprinted courtesy of Insight, the magazine of the Illinois CPA Society.