Blake Dowling: Don’t believe your ears, here come the deepfakes

image001
Ransomware is not going away.

This year we saw ransomware attacks reign terror on cities throughout the state of Florida, I think I wrote three consecutive columns on the subject.

Then this summer we saw cities throughout the state of Texas also cyberassaulted is a similar way.

The point is, ransomware is not going away.

Be very careful with what you click: verify then click, invest in advanced threat protection, conduct phishing simulations, offer training and have a firewall/anti-virus/anti-spam bundle.

The cyber landscape is a bit like a college football playbook.

The hackers have myriad schemes to throw your way and you really don’t know what to expect.

I thought #6 (below) might have been severely dehydrated but this was actually a very eccentric designed play. In the hacker’s playbook, they are scheming some new plays to unleash on the world.

The first reports of hackers mimicking voices using artificial intelligence are now popping up in the news around the globe. Hackers are now using smart tech to record your voice and launch fraud by imitating the leadership in your organization.

FSU football draws up a very eccentric trick play this past weekend.

The first instance of this type of crime was reported about 10 days ago in Europe; it won’t take long for this to jump over the pond now that they have successfully pulled off the first reported incident.

So what exactly is the deal here? Hackers are using artificial intelligence to impersonate a CEO’s (or another decision-maker) voice and ask for money.

Just like less sophisticated social engineering attacks, the executives to be contacted are found on social media and corporate websites and actual partners and projects are located and referenced to add further authenticity to the fraud.

In this case, the victim was a UK energy firm CEO who thought he was speaking with the chair of their German-based parent company. The German head honcho instructed him to move $243,000 to a Hungarian supplier — and he did. Why wouldn’t he? T

his was not some email in broken English asking for money this was the boss’s voice giving him an order.

How does this work? Are you on TV, a podcast, radio, etc.?

If so, your voice can be harvested for potentially fraudulent activity. It’s along the same lines of sharing things on social media, the more you share the more likely your location, activities, business, co-workers, projects, etc. could become a target.

Also, if you receive a strange phone call from someone you do not know, hang up. This could be another way a criminal might get ahold of your voice for a potential crime.

Voice-mimicking software only needs a few sentences to get the sound of your voice right so do not engage in any dialogue when unknown parties on the phone.

The team at Knowb4 in Tampa (our partner for cyber training) was the first to bring this story to my attention and they warn that it could become the norm.

This type of crime utilizes a variation of what is called deepfake tech; which simulating appearances and/or sounds.

The vocal imitation is so new that there are not any vocal verification solutions in place or other protective measures. Perhaps a code word or phrase would be a good idea for exes, especially when hundreds of thousands or millions of dollars might be at risk.

Something like, blue horseshoe loves Anacott Steel.

There are legit companies working in the vocal space who keep a very close eye on this type of threat, as they don’t want their tools misused in any way shape or form.

At an I-10 truck stop on I-10, for those that enjoy the Knight Life.

Cyberattacks are menacing and constantly evolving, the arms race to protect everyone is in full swing.

If you need a visual analogy think of the armor and helmets you might see in a Loves Travel Stop on I-10 in Florida, they love the Knight Life at Love’s.

So anyway, when thinking about your cybersecurity, be thinking Armor, you want every tool at your disposal deployed to fight these various threats.

The fact that ransomware demands have gone from hundreds to tens of thousands to millions of dollars should be all you need to know about how series these threats can be.

The voice mimicking threat is new — and it’s real.

Make sure you are your team are ready for it and anything else that might be headed your way …

___

Blake Dowling is CEO of Aegis Business Technologies. He can be reached at [email protected].

Blake Dowling

Blake Dowling is CEO of Aegis Business Technologies. His technology columns are published by several organizations. Contact him at [email protected] or at www.aegisbiztech.com



#FlaPol

Florida Politics is a statewide, new media platform covering campaigns, elections, government, policy, and lobbying in Florida. This platform and all of its content are owned by Extensive Enterprises Media.

Publisher: Peter Schorsch @PeterSchorschFL

Contributors & reporters: Phil Ammann, Drew Dixon, Roseanne Dunkelberger, A.G. Gancarski, Ryan Nicol, Jacob Ogles, Cole Pepper, Jesse Scheckner, Drew Wilson, and Mike Wright.

Email: [email protected]
Twitter: @PeterSchorschFL
Phone: (727) 642-3162
Address: 204 37th Avenue North #182
St. Petersburg, Florida 33704