AI-Powered Cyber Attacks: Deepfakes, Bots, and Beyond
1 min read
Summary
Deepfakes - false but realistic clips - are becoming increasingly widespread and there is no sign of them abating, with criminals even using them to steal money from companies by mimicking executives and authorizing huge transfers, as happened to a company that lost $25m when their CFO was deepfaked.
Such attacks are difficult to prevent as they are not based on malware or phishing links, but purely on psychological manipulation, and multi-factor authentication can be of little help as it relies on something the user has (like a phone for a one-time code) and something the user knows (like a password), and in this case, the company’s employees believed they were talking to their CEO.
Unfortunately, the relative small amount of funds that were recovered ($9m) shows that forensic analysis after the event provides little return, and the only real mitigation strategy is authentication backed up by legal controls and process.