AHFE Open AccessEmerging threat of deepfakes: viability, risks, impacts and mitigations through a practical use case
Abstract
Early 2024 an employee was tricked to transfer 25 million dollars in a cyber-attack where live deepfakes were used to convince the employee of the legitimacy of the request (Chen and Magramo, 2024). Deepfakes are media (image, audio, and video) edited by an algorithm. In the case of the malicious deepfake e.g. video input, it enabled real time interaction between a target and the deepfake. The availability of software and hardware enabling anyone to create their own high quality deepfakes has become such a threat that Europol in 2022 stated: “Many organisations have now begun to see deepfakes as an even bigger potential risk than identity theft (for which deepfakes can also be used), especially now that most interactions have moved online since the COVID-19 pandemic” (Europol, 2022). This paper presents experiences from creating live deepfakes based on typical online, openly accessible media, using free software and a gaming computer, following a free online guide. Without previous experience with deepfakes, we were able to select settings that yielded high quality deepfakes with less than one hour of exploring. The activity of labelling faces requires very little skill. Based on the use case, we provide examples of the achieved quality and discuss cyber and information security implications for organisations. Interviews were performed with a set of small and medium sized organisations regarding their awareness and preparedness for dealing with deepfakes. Industry start to become aware of potential threats of deepfakes, but lack procedures, processes and awareness to be able to sufficiently mitigate deepfake risks. Finally, we suggest a set of best practices and procedures for identifying, and mitigating such threats, focusing on technology, organisation, and the human element.Chen, H. and Magramo, K. (2024) Finance worker pays out $25 million after video call with deepfake ‘chief financial officer’ | CNN. Available at: https://edition.cnn.com/2024/02/04/asia/deepfake-cfo-scam-hong-kong-intl-hnk/index.html (Accessed: 11 June 2024).Europol (2022) ‘Facing reality? Law enforcement and the challenge of deepfakes, an observatory report from the Europol Innovation Lab’. Publications Office of the European Union, Luxembourg. Available at: https://www.europol.europa.eu/publications-events/publications/facing-reality-law-enforcement-and-challenge-of-deepfakes#downloads (Accessed: 11 June 2024).
Keywords: Cybersecurity, Artificial Intelligence, Deepfake, Manipulation, Human influence, Misinformation, Social Engineering
DOI: 10.54941/ahfe1005592
Cite this paper
More from this volume
- Implementing an AI Fatigue Risk Management System for Aviation Maintenance SMS: A Technology Enhanced Critical Process Human Factors Safety Plan
- Deep Learning Forecast of Perceptual Load Using fNIRS Data
- Artificial intelligence in the function of improving port systems
- Formalizing Trust in Artificial Intelligence for Built Environment Decision-Making
- Artificial Intelligence and Design: Innovation, Practical Applications, and Future Creative Horizons
- Supporting Informal Sustainability Learning with AI-assisted Educational Technology
- An assessment of the maintenance of heritage buildings using AI and IoT: a South African perspective
- What if we Could Entangle Drones? Towards the Management of a Swarm of Drones as a Non-Local Quantum Object
- Engaging All Elderly Residents in Community Renewal: Designer Spotlight Interview Tool for LLM Building
- AI Play in Higher Education: Students’ perceptions of play and co-creation of knowledge with generative AI
- Optimizing AI Involvement in Engineering University Courses Based on Students' Personality
- Predictive Model for Partner Agencies Dependency on Food Banks