Artificial intelligence (AI) is becoming increasingly sophisticated and a helpful tool for organizations. However, AI is also a powerful tool hackers use to spread malicious threats and fake news and perform cyberattacks. This week, I read that KnowBe4 detected suspicious activities from their new "employee," whose identity was revealed as an AI deepfake. After reading this, I went down a rabbit hole on AI deepfakes and its impact in today's evolving landscape of social media.
A deepfake is an AI image/video of a person whose face or body has been digitally altered and manipulated. 35 % of US businesses have experienced a deepfake security incident in the past 12 months—making deepfakes the second most common cybersecurity incident for US businesses. The growing wave of deepfake scams has looted millions of dollars from companies worldwide.
Not only do deepfake attacks cause a financial burden for organizations, but also creates confusion for users online. For example, deepfake images of Taylor Swift and an AI-generated song track by "Drake" caused controversies and confusion online. Due to deepfake altering videos/photos, many users question whether specific videos and pictures are real. Recently, there were speculations that President Biden's call with Kamala Harris was a deepfake created with AI, which turned out to be true. With the rise of political deepfake videos and the election coming up, people are concerned that deepfakes could undermine the US institutional credibility.
To mitigate controversies and risks for the US election, CISA compiled a toolkit of free services to enhance the US election infrastructure. Also, IBM suggested that policymakers should develop more robust policies and regulations to protect elections, creators, and people's privacy to mitigate the harms of deepfakes. Organizations are strongly urged to tighten their security measures against deepfake attacks, and users should fact-check any information, videos, and images online before trusting the source. To learn more about deepfake, we invite you to visit our library.
Now let’s take a look at what else made industry headlines this week.
Jul. 26: The US Department of State has announced a reward up to $10 million for information on a North Korean hacker charged with hacking hospitals, military bases, and NASA.
Jul. 25: Cyberark Labs revealed that a popular game cheat sold online, EvolvedAim, was found spreading malware to their client’s financial information.
Jul. 25: Infosecurity Magazine reported, “Malware-based threats surged in the first half of 2024 up by 30% compared to the same period in 2023.”
Jul. 24: Columbus, Ohio, is still recovering from a global cyber service outrage which led the city to server its internet connection.
Jul. 24: Meta has taken down about 63,000 Instagram's account in Nigeria running sexual extortion scams.
Jul. 23: Visa prevented 80 million fraudulent transactions by investing in technology, including AI.
Jul. 23: Threat actors are abusing the popular game, Hamster Kombat, and targeting players with fake software that install spyware information-stealing malware.
Jul. 22: Two threat actors, FLUXROOT and PINEAPPLE, have been abusing Google Cloud to perform credential phishing activities.
Jul. 22: Belgium security researchers found that dozens of dating apps may threaten user’s privacy by leaking their data and exact location.