今天,人工智能深度造假已经进入了炒作周期 CFO who was tricked into paying $25M to a scammer.
对于各种类型和规模的组织来说,这是一个非常现实和当前的威胁. 尽管围绕深度造假的监管格局仍在努力实现深度和广度的平衡, 所有的商业领袖都应该准备好应对不可避免的攻击(目前), there’s no federal law governing deepfakes, 尽管在美国的一些国家,制作和/或传播深度造假是非法的.S. states).
For those new to this technology, 深度伪造是指人工智能生成的视频或音频片段,使其看起来好像有人在说或做他们从未做过的事情. 在这个例子中,一名财务人员被骗处理了一个 $25.6 million payment to scammers 利用深度人工智能在电话会议上冒充公司的首席财务官(事实上, every single person on the call was fake). 以下是一些帮助预防和检测深度造假的技巧.
How to Prevent Deepfakes at Your Business
- Start with prioritizing cyber awareness training
- 对某些金融交易纳入确证的口头和/或实际批准程序
- 与其他组织领导保持一个秘密的暗语
- 通过桌面测试场景测试您对各种事件的响应
- 加强和测试逻辑安全控制(MFA、密码管理或PAM工具等).)
How to Detect Deepfakes at Your Business
There are several signs of deepfakes which, when you know what to look for, are still perceptible to your human eye. Be on the lookout for:
- Any irregularities on the skin or body parts
- Blurred or misaligned visuals
- Inconsistencies in audio/video
- 不自然的颜色/形状(嘴唇、牙齿、皮肤颜色或面部毛发)
- Unrealistic beauty marks on the face
- Unusual emotional response
- 不寻常的眼球运动或眨眼,嘴/身体运动或姿势或面部表情
- Unusual glare on eyeglasses
- Unusual shadows around the body or eyes
From a software perspective, 你还应该考虑自动寻找人工智能生成的故障和模式的工具,通过标签差异将合法音频/视频与假音频/视频区分开来, digital fingerprints and reverse image searches.
深度伪造攻击的复杂性和准确性正在迅速发展, 如果不能迅速认识到这些攻击的真正潜力,可能会对所有行业的企业产生严重影响.
About Schneider Downs Cybersecurity
施耐德唐斯网络安全实践由提供全面信息技术安全bet9平台游戏的专家组成, including penetration testing, intrusion prevention/detection review, ransomware security, 脆弱性评估和一个健壮的数字取证和事件响应团队. In addition, our Digital Forensics and Incident Response 如果您怀疑或正在经历任何类型的网络事件,团队可以拨打1-800-993-8937,24x7x365.
Want to be in the know? Subscribe to our bi-weekly newsletter, Focus on Cybersecurity.
To learn more, visit our dedicated Cybersecurity page.