Recently cyber criminals successfully pulled off a scam by targeting a company via using deepfake AI technology that was able to replicate the facial features of business stakeholders in a company and defraud the company of millions of dollars. This article explores this new form of scam and how companies can safeguard against deepfake replicants.
Being one of the first reported instances of deepfake technology being used to scam a large company. Cyber Criminals have now advanced their approach from simple scam emails to using artificial intelligence to create deepfake replicants of company stakeholders to defraud companies.
While it is a marvel of technology, just by using a few videos and sound clips of a real-life person you could build an artificially intelligent replicant of that person that looks, sounds and even acts like the person that is being replicated. This new technology has fallen into the hands of cyber criminals and has been used to pull off a grand heist. In the next section I will discuss simple procedures that a business can implement to secure their business from deepfake replicants.
Any system administrator and cyber security professional should know of the OSI layer table. The OSI layer describes the physical layer to the application layer of a system. For example, a network firewall (Such as CISCO ASA) works on the network layer while a host system firewall (Such as Windows Firewall) works at the application layer.
Knowing this information, system and network administrators can take precautions at both the network layer and the application layer. For example, for most video conferencing software that works at the application layer (such as MSTeams and Zoom) access control rules can be created within the management interfaces of these applications to restrict the use of video conferencing to external networks.
Such access control rules can restrict the use of video conferencing to external networks, such as the internet but still allow the use of video conference software to be used in internally within company networks (such as the intranet) or on a private VPN that the company maintains.
Access control can also be applied on network firewall devices, with the network firewall being your first line of defense to an internal private company network (intranet). For example, let’s say that you’re running a business that has a sales department, an accounting department and a management department. The sales department receives external video conference calls from the internet and the accounts department only makes internal video calls to the management department or external parnter companies.
Within the network firewall, rules can be created to allow parts of an internal network that has been segregated using virtual local network technology (VLAN) to allow external video conference calls to the sales department but restrict external video conference calls to the accounts department unless if that external video call meets a criteria specified by an access control list, such as approved IP addresses of external parnter companies that are approved to establish a video conference call.
Simply put, by tightening up security and only allowing the establishment of external video conferencing calls to departments that require it, and restricting the use of video conferencing to approved external networks companies can mitigate the risk of falling victim to deepfake replicant technology.
Our qualified technician Shane can review your current video conferencing management systems and network layer firewalls and provide your business with a detailed report of your current level of security with actionable insights. Shane takes confidentiality very seriously and will never sell your data on the international information blackmarket, such as sharing any insecurities discovered in your system. Shane’s reviews and reports will always remain 100% confidential with no obligation to proceed with any recommendations.
Shane can make recommendations on how to secure your video conferencing systems with technology that you already own and will not try to hard-sell you a product unless if absolutely needed. Most video conferencing systems already have built in tools that the company already owns but just needs a skilled and qualified technician to implement.
Advanced access control can be implemented If your company is running of a set of network switches that supports VLAN technology, as well as a network firewall. Regardless of the make and model of the network switch or firewall, most networking devices support the same technical features and Shane can implement these features such as access control lists on your network firewall or segregated internal networks with VLAN technology.
It is recommended for companies to routinely audit the security of their networks, computers and systems. By engaging with Shanes Computing and Networking we can arrange a confidential, no obligation review of your systems with actionable insights.
In this day and age, it is now entirely possible to build an exact digital deepfake replicant of a human and this replicant will look and sound exactly like the person that is its replicating. There will be countless of ethical concerns regarding deepfake technology, such as by creating digital deepfake replicas of the living and deceased. Cybercriminals are now starting to benefit from this deepfake replicant technology and have successfully pulled off one of the worlds first grand digital heists using deepfake replicant technology. It is recommended for businesses to always be multiple steps ahead of these cyber criminals and by engaging with qualified local technicians, such as Shane’s Computing and Networking, businesses will be able to protect themselves from the rise of the deepfake replicants.