What is a deepfake?
A deepfake is a synthetic media, typically a video or audio recording, in which a person’s likeness or voice is replaced with someone else’s through the use of artificial intelligence (AI) or machine learning. These technologies can create hyper-realistic but entirely fake content, making it appear as though an individual said or did something they did not.
How are deepfakes used?
Deepfakes have been used in movies and other entertainment media for years. However, as the technology becomes more widely available, it has also gotten into the hands of malicious actors, who use it to deceive and defraud people. For example:
- Deepfake technology is used in fraud schemes where criminals create highly realistic videos and audio recordings that impersonate representatives from legitimate organizations.
- Deepfakes can also be used to create phishing emails that appear to be from someone they know in order to get the victim to reveal personal information or click on malicious links.
Why can deepfakes be a threat to digital and information security?
Deepfakes pose a significant cybersecurity threat for several reasons:
- Identity theft: Criminals can create fake video or voice recordings as part of a synthetic identity to bypass biometric security systems or to defraud victims.
- Social engineering: Deepfakes can enhance the effectiveness of phishing and social engineering attacks, making scams and fraud more convincing.
- Extortion: Deepfakes of embarrassing or illegal activity could be used for extortion.
- Cybersecurity complexity: The need to develop new security protocols and technologies to detect and mitigate deepfakes increases the complexity and cost of cybersecurity.
How to spot a deepfake
Deepfake technology is continuously improving and becoming harder to spot. Poor-quality deepfakes may have unnatural eye movements, poor lip synching, or flickering around the edges of the face. Other fine details like hair or jewelry are also challenging for deepfakes to render. Deepfake detection is most noticeable in live deepfakes that have trouble recreating full 90-degree profile views. Asking for a side profile view of the person you’re speaking to is also a viable way of spotting a deepfake.
How to defend against a deepfake
Cryptographic algorithms can embed hashes within videos at specific intervals; any modifications to the video result in altered hashes, indicating tampering. To counter deepfake efforts, another approach involves integrating specially crafted digital ‘artifacts’ into videos. These artifacts obscure pixel patterns utilized by face detection tools, impeding deepfake algorithms and yielding subpar outcomes, thus reducing the likelihood of successful manipulations.
In addition to technological solutions, standard security protocols and best practices are also essential, such as using insights from the criminal underground to identify and remediate stolen credentials.