SecurityWorldMarket

04/10/2019

Spotlight on the dark side of AI

Madrid, Spain

A deepfake is the use of artificial intelligence to create and edit seemingly real videos and audio recordings of people using generative adversarial networks, or GANs - described as algorithms that can create and edit new data from existing datasets.  And, here Panda Security explains that although deepfakes are yet to cause any problems in the world of politics, we have now seen their first use in the world of cyber crime.

The terminology deep fake has come from a portmanteau of deep learning and fake, as in fake news. The Generative Adversarial Networks, or GANs, used to create deepfakes can analyse thousands of recordings of a person’s voice, and from this analysis, create a totally new audio file that sounds the same, and uses the same speech patterns.

The worries surrounding this technology lie in the possibility that it could be used to spread fake videos and recordings of politicians and other public figures. For example, a deepfake of a politician giving a racist speech could influence the outcome of an election, or even incite violence.

Deepfake technology and cyber crime

Panda Security, a Spanish multinational IT and cyber security company, points out that in August this year, it was revealed that a cyber criminal had used deepfake technology to scam a company out of €220,000. The fraud began back in March 2019, when the scammer created a deepfake imitating the voice of the CEO of the victim’s parent company.

The victim, the CEO of an energy company, received a call that seemed to be from his boss. In the call, the chief executive asked for an ‘urgent’ transfer of £200,000 to a Hungarian provider, and told him he would be reimbursed. The victim was tricked into believing that the voice was his boss’s; it had a slight German accent, like his boss, which made the scam more believable.

Once the transaction had been confirmed, the scammers called back, asking for another transfer. By this time, the CEO had begun to grow suspicious, and refused to make the transfer. The funds were reportedly sent from Hungary to Mexico, before being transferred to other locations.

Although so-called “voice fraud” is nothing new, this incident is the first of its kind using deepfake technology. In fact, between 2013 and 2017, vishing (voice phishing) incidents grew 350%. Cyber security experts fear that this incident could be the start of a new cyber criminal trend of using artificial intelligence in this way.

Cyberscams: a growing threat

Cyber criminals’ efforts to scam companies have increased significantly. The amount of money lost in BEC scams doubled between 2017 and 2018, and we regularly see headlines related to this cyber criminal tactic. Recently, 281 people were arrested for carrying out this kind of scam, and, says Panda, two weeks ago, Toyota announced that a subsidiary of the company had lost $37 million in this kind of fraud.

Artificial intelligence, for good and evil

Although the example we have seen here demonstrates that artificial intelligence can be used to carry out cyber crimes, it can also be used to stop them. Deep learning and machine learning are important in automating the detection of anomalies and cyber threats that can endanger the IT systems of any organisation.

Cyber criminals will never stop innovating in their search for new techniques to get onto organisations’ networks, steal company data, and make money This is why Panda is urging everyone that it is vital to stay up-to-speed with all the latest cyber security trends.


Tags

Product Suppliers
Back to top