Corporate vulnerability: Deepfake threats surpassing ransomware

It's important to distinguish between disinformation and misinformation, terms that are often confused. The American Psychological Association describes misinformation as false content spread by individuals who believe it to be true. In contrast, disinformation is the intentional distribution of false information intended to cause harm. It is this latter category that poses a serious threat to companies.

Deepfakes, which are fabricated yet convincingly realistic video, audio, graphic, or text materials, have become a primary tool of disinformation. Advances in artificial intelligence, particularly generative adversarial networks (GANs), have significantly eased the creation of such content. In GAN technology, two neural networks collaborate—one generates false content while the other assesses its credibility, resulting in materials that are challenging to distinguish from genuine ones.

Cybercriminals employ various techniques to attack businesses. By obtaining samples of email correspondence and the victim’s address book, they use AI to craft personalised messages that mimic an individual's communication style. Such methods greatly enhance the effectiveness of phishing attacks, because the messages seem to come from trusted sources.

Criminals also create deepfakes that impersonate clients, business partners, or board members to sanction fraudulent transfers or transactions. According to Deloitte’s Centre for Financial Services, losses from AI-driven fraud in the United States are increasing by 32% annually and could reach $40 (£30) billion by 2027. There have already been instances where company accounting departments authorised transfers to criminals' accounts based on fake recordings of supposed superiors.

The 2024 Ironscales report indicates that nearly two-thirds of companies expect the number of attacks using deepfakes to soon outpace the number of ransomware attacks. Voice deepfakes are particularly threatening as they compromise the effectiveness of voice verification systems used in telephone banking.

It's worth noting that the creators of deepfakes aren't only hackers. They can also be disgruntled former or current employees familiar with the company’s internal processes. The threat might also originate from competitors or unscrupulous investors aiming to influence stock prices or bolster their negotiating stance.

Deepfakes are predominantly used to breach corporate security and tarnish brand reputations. Large, well-known enterprises are more frequently targeted, but smaller companies may suffer greater reputational damage as they find it tougher to counteract false narratives.

The phenomenon of repeatedly spreading even false information increases the chances that recipients will perceive it as true. Social media drastically accelerates the spread of disinformation, posing an additional challenge for companies striving to safeguard their reputation.

To effectively defend against deepfake fraud, companies should adopt a multi-layered approach to cybersecurity. This includes not only technological solutions but also adjustments in operational procedures and extensive employee training.

A Forrester report reveals that just 20% of surveyed companies have a communication and response plan incorporating deepfake attacks. Jim Richberg, Vice President of Cybersecurity Strategy and Global Security Leader at Fortinet, stresses that "deepfakes target the accuracy of the information we rely on as consumers, employees and investors. In cybersecurity, we often talk about the 'human firewall,' and deepfakes are a threat where people genuinely are your first line of defence."

IT and security teams should continuously track advancements in deepfake techniques and provide education to employees at all levels, including management. It is also beneficial to integrate deepfake threat monitoring into brand reputation protection strategies, including scanning the dark web, where early warnings of planned attacks may be detected.