While technology has provided immense benefits to the world, it also introduced some dangerous threats. One of the most concerning technological threats we face today is the deepfake.
With the rise of user-friendly face-swapping tools, particularly generative AI, deepfakes have become a favored and powerful weapon in the arsenal of cybercriminals and has led to a 704% increase in face-swap attacks in the second half of 2023 alone. Not only are the targeted individuals and organizations the victims here. The people whose identities are faked in these deepfakes are also adversely affected, especially the prominent personalities who are being used to deceive their victims into divulging private and sensitive information for these criminals’ benefit.
The U.S. Department of Homeland Security has warned in a recent report that “deepfakes and the misuse of synthetic content pose a clear, present, and evolving threat to the public across national security, law enforcement, financial, and societal domains.” For companies, the consequences of deepfakes are far-reaching and alarming, demanding our urgent attention and proactive measures. Meanwhile, the American Enterprise Institute reported in April 2024 that this year, there have been “880 million cybercrime complaints resulting in over $12 billion in losses.” These include ransomware attacks, identity theft, phishing, DDoS attacks, and data breaches, just to name a few.
Given the threat posed by deepfakes, how can businesses effectively address these threats and prevent them from inflicting damage to their organization? The key to effectively deal with deep fakes is founded upon three key principles, which we shall enumerate here.
1. Technological solutions
A multifaceted approach is essential, employing the use of the different technological solutions that are available and provide different levels of protection. Google for instance has an open-source deepfake database to facilitate the development of more effective detection algorithms. Adobe also has its “Content Credentials” feature to help identify the origin of edited images. Microsoft’s collaboration with Amazon, Facebook, and several universities resulted in the Deepfake Detection Challenge, stimulating innovation in identifying manipulated media. Microsoft also introduced software that analyzes photos and videos to provide a confidence score indicating the likelihood of artificial manipulation.
2. Collaboration
While technology has done a remarkable job in detecting deepfakes, it can only go as far, especially given how rapid technological evolution has been to the point that cybercriminals often find ways to circumvent even the latest cybersecurity and detection technologies. Thus, it is important for the enterprise to establish key partnerships with relevant government agencies, civil society organizations, and key technology companies in reporting and apprehending cybercriminals misusing deepfakes, developing robust legal frameworks, and improving deepfake detection algorithms and tools. For its part, the US Congress has passed the DEEPFAKES Accountability Act and another similar bill is being discussed. There are also organizations such as the Content Authenticity Initiative (CAI) or the Coalition for Content Provenance and Authenticity (C2PA) that are at the forefront of battling the misuse of deepfakes. The National Institute of Standards and Technology (NIST) also has a cybersecurity framework to help reduce risk and the Federal Trade Commission (FTC), which has assets and free resources to help small businesses protect themselves against cyberattacks.
3. Education
Perhaps the most crucial principle in addressing the perils of deepfakes is education. For one, there is a need to equip key individuals with the skills and knowledge to critically evaluate the authenticity of information to identify and mitigate misleading information head-on. More importantly, businesses must also conduct comprehensive training programs for employees to recognize and respond to deepfake threats. On top of this, staff must also be updated on the latest deepfake technology developments and ensure that they are using up-to-date cybersecurity measures.
The rise of deepfakes and the misinformation it is propagating is a cause for concern. But despite this threat, dealing with it is not an insurmountable obstacle, as long as we have not only the knowledge and the technology, but the participation of all parties within and outside the organization in ensuring truth and authenticity across all aspects of today’s world.