Deepfakes - a new threat to IT security?
by Tina Siering
What is a deepfake?
Deepfake is a compound term made up of "deep", for so-called deep neural networks, and "fake". Deepfakes are therefore fake media content generated by artificial intelligence and machine learning methods. To create deepfake content, the software is "fed" video and audio footage of a target person. It is thus trained to imitate the facial expression, tonality of speech or even gestures of the victim. With enough source material, it is already possible to "put any sentence into the mouth" of a person - or to transfer the head of one person to the body of another.
What technological developments make deepfakes possible?
Three things are needed to create high-quality deepfakes: sufficient computing power, sufficient source material in the form of audio, video or image data, and self-learning neural networks. Computing power is the least of the challenges; even current powerful desktop PCs can generate audio or video deepfakes. Even a standard smartphone is sufficient for fake images, as freely available "face swap" apps in the app stores demonstrate. The source material for deepfakes is also easy to obtain these days, especially if public figures are to be targeted. Social media platforms offer extensive data in this regard. Is access to neural networks, machine learning and efficient artificial intelligence at least a hurdle? Not at all, because even sophisticated video fakes can now be created automatically with freely available open-source software, without deep knowledge of the technology and methods. We have summarized more about the technology behind deepfakes in this blog post.
Will deepfakes soon be part of cybercriminals' standard repertoire?
Malware, spyware, ransomware, phishing and DDoS attacks - and now deepfakes? It is a fact that cybercriminals do not miss any technical opportunity to manipulate, deceive and "bamboozle" their victims. Deepfakes add highly dangerous possibilities to the cybercriminals' spectrum. From convincing large-scale social engineering attacks to circumventing image recognition or voice biometrics protections to disinformation campaigns and extortion, deepfakes expand the cyberattacker's repertoire. The ubiquity of manipulated images has been challenging police and authorities for some time. What is new, however, is the use of fake video and audio. Until recently, fake video recordings or audio files were all but impossible. Those days are over.
In war, truth is the first casualty. The propaganda departments of the parties involved in the current Ukraine conflict use state-of-the-art techniques to unsettle the other side or provoke reactions. Minister Giffey is not the first victim of a possible deepfake campaign, but at least in Germany she is the most prominent. Ms. Giffey spoke for about 30 minutes via video chat with a fake Vitali Klitschko - and only became skeptical when her counterpart demanded, among other things, that German security authorities help transport young Ukrainian men back to Ukraine. Whether it was a deepfake or a technologically less sophisticated "shallowfake" (a re-arrangement of existing video data), the example impressively shows how easily even experienced people can be deceived.
The two heads of government of Russia and Ukraine are also used as propaganda tools in deepfake videos. A video is making the rounds on social networks in which an artificially generated President Selenskyj makes a convincing speech: "There is no tomorrow. At least not for me. [...] I advise you to lay down your arms and return to your families. In this war, it is not worth dying."
A similar video from President Putin was not long in coming. In the deepfake video, which was also produced in a highly professional manner, Putin announces that the war is over and that they have made "peace with Ukraine."
Denials immediately followed from both sides, and at least the Selenskyj video was deleted from Facebook. What remains is the stale aftertaste that, with artificial intelligence, wartime propaganda has gained a powerful weapon.
The possibilities of manipulation in images, video, text and words.
Deepfakes are so dangerous because they can falsify high-quality media content that was previously considered trustworthy. Whereas it used to be taken for granted that a person could be reliably identified by the face in a video or the voice in an audio file, deepfakes change this drastically. But how exactly can reality be manipulated with deepfakes?
Faces can be manipulated in a variety of ways with the use of AI. Common, mature methods here are face swapping and face reenactment.
In face swapping, the input of a person's face is used to generate the facial image of another person - with identical facial expressions, gaze direction and facial illumination.
Face reenactment involves the manipulation of a person's head movements, lip movements or even facial expressions. For this purpose, 3D models of the victims' faces are generated based on a video stream, which the cybercriminal in the background can then control at will with his own video stream.
To manipulate voices, either an audio signal that sounds like the target person is generated from a given text (text-to-speech), or an existing audio signal is converted to the target voice (voice conversion).
Texts can now be created fully automatically by neural networks. This is based on AI models, text databases and sufficient computing power. The result is extensive texts for which it is no longer possible to tell whether they were written by a human or by AI.
This is how criminals use deepfake technologies
Threats using deepfakes are now feasible even for non-experts with a basic understanding of technology. The manipulation of identities through deepfakes enables countless threat scenarios:
- Deepfakes allow biometric systems that were previously considered secure to be easily overcome - and in some cases in real time! Especially remote identification methods such as video identification or voice recognition via telephone can be tricked by media content.
- In the area of social engineering, deepfakes are used for targeted phishing attacks. Common examples here are attacks using fake voices of executives to trigger money transactions.
- Disinformation campaigns are another area of application for deepfakes. Manipulated media content is used here to discredit public figures or trigger certain moods among the population.
- Deepfakes let any person make any statement. In this way, a person's reputation can be permanently damaged by the publication of untruths of all kinds.
How companies protect themselves from the new threat of deepfakes
Deepfakes are dangerous, no question about it. Nevertheless, there are reliable countermeasures for companies and organizations in this area of cybercrime as well. One of the most effective measures against deepfakes is regular security awareness training. If all employees of a company are aware of the dangers posed by fake media content and know how to recognize the fakes, deepfake attacks have already lost most of their potential.
Training sessions can teach that, despite the high quality of modern deepfakes, there are still sometimes clear artifacts that identify a fake as such. Especially in the case of real-time attacks, there is no way for the attackers to comprehensively eliminate these artifacts. Visible transitions in face swapping, washed-out contours on teeth or eyes, noticeably limited facial expressions and inconsistent exposures are all clear signs that a face has been faked. In the case of audio deepfakes, it is the mispronunciation of words, a monotonous voice output or a wrong way of speaking that indicates a fake.
The technology for faking media content is already sophisticated today - and will continue to develop in the coming years thanks to advances in artificial intelligence. It is certain that the manual detection of deepfakes will become even more difficult. In the area of IT security, this will require AI-based countermeasures in the future, which are already being developed. Until that time comes, comprehensive security awareness training is the best way to protect your own company against deepfake attacks.