[Etude] Deepfakes are increasingly used by cybercriminals

The use of deepfakes is just getting started. These ultra-realistic photo or video tricks allow you to imitate the face and voice of any person. They underlie the manipulation of information. A deepfake by Ukrainian President Volodymyr Zelensky calling on his population to surrender, for example, was shown on the hacked Ukraine 24 news channel, as well as on several social networks shortly after the start of the war in Ukraine. But the use of this technology goes far beyond that.

“Cybercriminals are now using deepfakes in their attack methods to bypass security checks,” warns Rick McElroy, cybersecurity strategist at VMware. The cloud solution provider recently acquired by Broadcom released its eighth annual “Global Incident Response Threat Report” on August 15, 2022, an online survey of 125 cybersecurity professionals. It is clear that 2/3 of the respondents noted the use of deepfakes during a cyberattack, an increase in the use of this technology by 13% compared to last year.

Using deepfakes via email

Cybercriminals are now moving beyond using deepfakes for influence operations or disinformation campaigns. “Their new goal is to use deepfake technology to compromise organizations and gain access to their environment,” VMware notes. Most of these deepfake attacks use video (58%) rather than audio (42%).

Deepfake cyberattacks are mainly carried out through email (78%), mobile messages (57%), voice messages (34%) and social networks (34%). Meeting apps or new business collaboration tools are especially vulnerable to attackers. Often, cybercriminals send messages that appear to be from a known source with a legitimate request for access to information.

Europol is sounding the alarm

Europol issued a deepfake warning at the end of April, ensuring that European law enforcement agencies should take the threat very seriously. In addition to manipulating information from the general public, this technology can be used to manipulate businesses, change credentials, disrupt financial markets, facilitate online child sexual exploitation, and extortion and fraud, the agency lists.

“Preventing and detecting deepfakes should be a top law enforcement priority,” Europol wrote at the time. For the agency, that means training law enforcement to spot them, as well as investing in technical capabilities. It seems that these recommendations should also apply to private companies and various public organizations targeted by such images.

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker.