Trustwave SpiderLabs Uncovers Unique Cybersecurity Risks in Today's Tech Landscape. Learn More

Trustwave SpiderLabs Uncovers Unique Cybersecurity Risks in Today's Tech Landscape. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
Trustwave Blog

Deepfakes: What To Do When Something Is Not What It Appears

18274_georgia-turnham Georgia Turnham, Security Advisor, Trustwave SpiderLabs

On Nov. 5, Georgia Turnham, Security Advisor at Trustwave SpiderLabs, will conduct a webinar discussing the emerging threat known as 'Deepfakes'. During this session, Turnham will talk about the scale of the issue, its unfettered growth and the continual improvements that make them believable.

 

 

Deepfakes, what are they?

Deepfakes are a relatively new phenomenon, only picking up the name deepfake as recently as 2017. Put simply, a Deepfake is a synthetic or artificially created piece of media (image, video, or audio) that makes it appear someone said or did something that they, in fact, did not do. Kind of like special effects in a movie. The creators of these pieces of media leverage artificial intelligence and machine learning techniques to create an output that is as authentic and legitimate as if it were the person themselves saying those things.

The danger posed by these threats is potentially severe. They can undermine and destabilize democracies, spread disinformation, and attack an individual's credibility. However, the scary thing is, because deepfakes are still so novel, we haven't seen the full extent of the danger posed by these technologies. The fact these threats rely on the 'seeing is believing' idiom, is what makes them so hard to counter.

What is a typical deepfake attack?

There is no 'typical' deepfake attack. Ultimately the attack itself is going to be curated based on the objectives of that attacker. For example, an attacker will take a snippet of audio, find a photo or a video of their victim, and superimpose it onto another piece of media. The result is a piece of media showing the victim taking part in an activity or conversation in which they were not involved. This activity is done to spread false messages with a degree of legitimacy or blackmail the victim.

What are the attackers' general goals? Do they differ much from a threat actor who uses other methods to gain initial entry?

An attacker's goals vary, but attackers commonly use Deepfakes for extortion and blackmail scams and misinformation and disinformation campaigns. The main difference between these threat actors and those who, for example, use phishing or brute force techniques as an entry vector is that in this application, the attacker performs reconnaissance, and often the attack is conducted without the victim's knowledge.

Can you give an example of a successful deepfake attack?

One of the most notable deepfake attacks occurred in 2019 when threat actors targeted a chief executive at a U.K. energy firm. The executive "supposedly" received a phone call from someone claiming to be the company's Germany-based CEO. The U.K. executive was told of an urgent request to transfer €220,000 to one of the company's Hungarian suppliers and that he must complete the transfer within the hour. It wasn't until the attacker called back several days later asking for more money to be transferred that the U.K. executive became suspicious. Unfortunately, the attackers were not caught.

Another case involved former U.S. President Donald Trump and Speaker of the House Nancy Pelosi. Attackers created and posted online a video that made Pelosi appear inebriated at an event to tarnish her reputation. And sadly – it worked. The videos went viral, and this led to calls and speculation from the general population.

What is the best defense against a deepfake attack?

Defense is twofold..

User awareness is the primary defensive weapon. Aiming to educate users on the hallmarks of deepfake content:

  • Faces with distorted features or movements and a lack of blinking.
  • Jerky or unsynchronized movement.
  • Differences or shifts in lighting.
  • Unclear or at times, robotic audio.

How about a sneak peek at what the webinar will discuss?

The first is that the cost and accessibility of deepfake software is far easier and cheaper than what one might expect – which is what makes the threat so pervasive.

Second, the talk will cover the emergence of anti-deepfake solutions, legislations and research projects.

Latest Trustwave Blogs

Trustwave MailMarshal Unveils Major Upgrades to Combat New Email Security Threats

Trustwave MailMarshal will receive a massive upgrade on March 28 that will add four new levels of functionality, including an improved dashboard interface, the ability to detect and halt malicious QR...

Read More

Unveiling the Latest Ransomware Threats Targeting the Casino and Entertainment Industry

Anyone who has visited a casino knows these organizations go to a great deal of expense and physical effort to ensure their patrons do not cheat. Still, there is a large group of actors who are...

Read More

Third-Party Risk: How MDR Offers Relief as Security Threats Abound

While third-party products and services are crucial to everyday business operations for almost any company, they also present significant security concerns, as high-profile attacks including...

Read More