Let's talk about deepfake AI. We've just had a really interesting cyber threat actor use deepfake AI video to steal $25 million. We need to talk about what deepfake is, how it came to be where it is, and what it's going to mean for your businesses. Deepfake AI started as joining modern movie magic with some really interesting AI-enabled training algorithms. If you've seen some of the Star Wars films recently, you've seen some long-gone actors that had bit parts in them. And that's essentially what this is.
Deepfakes Featuring Celebrities, Sometimes for Sales Purposes
Deepfakes involve training an algorithm to fake a human being in pretty much every way. And this recently happened, as I said, $25 million just got stolen. That's no small amount of money. We've got tons of these things everywhere. On the news right now, they're talking about some Taylor Swift images that are wildly fraudulent, and we've seen some equally fraudulent sales techniques. You can see Joe Rogan, Barack Obama, Donald Trump, and other Internet business and political personalities saying things and selling things that they've never taken part in, they've never had anything to do with. Not all of the videos are great. Not all of the deepfakes are great. Some of them, however, are really quite extraordinary. The real risk with deep fakes right now is phishing. That's spelled P-H-I-S-H-I-N-G. This is the cyber threat that's always been around. It started with emails.
Phishing Emails, Voice Mails, and Now Videos
We used to would get an email from somebody asking us to send some money somewhere. Early last year, this fraud spread to voicemails. There are so many things that can copy the human voice. You can go to a website right now and have Morgan Freeman say anything you want him to say. And of course, Morgan Freeman has absolutely nothing to do with those websites. Now they've moved it to live video. This is where things get really bad. The funny thing is that the training for the AI algorithms was done from the images and videos that companies put on their own websites. We're actually giving the hackers the tools they need to copy us. Really quite interesting.
$25 Million Deepfake Video Fraud
Now the story of what just happened. If you look on CNN and some other news sites, you'll find a Hong Kong finance employee was just tricked by live deep fake video into sending $25 million somewhere. That money is gone. It's not coming back. But he was not only fooled by seeing his CFO on the screen talking to him, but there were also other coworkers on that same meeting. They were all deep fakes. This is all AI-driven live video. That is a genuine, almost staggering step up in deep fake capability. We need to pay attention.
How to Prepare for Deepfake Video Fraud
Your current systems at your company are not ready for this, I promise you. So, what can we do? Well, there are now AI countermeasures that are built to spot fakes. These are coming out as we speak. But that's an arms race. That's something that's never going to end. This is just like what we're doing with hackers now. Where they improve, we improve, then they improve, we improve. It goes back and forth. There are regulations being discussed to try to stop this, but getting the toothpaste back into the tube once you've squeezed it is almost impossible. And we need to recognize that. What we need to do is we need to create manual and automated controls, non-bypassed RPA type controls, something that can't be gotten around so that no C-level executive on a videocall alone can authorize a financial transaction anymore. We've got to have a secondary system in place, and again, something that can't be bypassed.
That's the only way we're going to be able to protect ourselves. If you need help working with those controls and policies, give us a call at Altiam Digital. This is what we do, but above all, we need to recognize that in a world of deepfake AI, seeing is not always believing. Not anymore.
