Features Bylines Cyber Crime & Forensic Cyber Safety Threat Detection & Defense

Future-proof Against Deepfakes: A Crucial Defence Against Digital Deception

Johan Fantenberg October 16, 2024

3 minutes read

Deepfakes are artificial media that have created quite a stir in our world of digital firsts. Political deepfakes can take different forms. Earlier this year, a deepfake video “resurrecting” Indonesia’s late President Suharto surfaced online while India saw famous actors being featured in manipulated deepfake videos prior to India’s 2024 Lok Sabha elections. Such videos can greatly influence a country’s election – the way campaigning is done, as well as the results.

The convincing nature of today’s digitally changed photographs is demonstrated by the fact that 52% of 700 IT worldwide decision-makers questioned by Ping Identity expressed doubt about their ability to identify a deepfake CEO. Given how advanced deepfakes have become, it may not be unexpected that this stark assessment of the state of affairs has been made.

It is impossible to overstate the power of deepfakes to spread misinformation that can sabotage democratic processes, damage people’s reputations, and spark civil unrest, especially in light of the growing influence of digital media in social media, news broadcasting, and political campaigns.

The study also reveals that 99% of APAC organisations questioned reported having trouble with identity verification. It’s hardly shocking that just 53% of respondents use a one-time passcode and even fewer (48% use digital credential issuance and verification) to guard against fraud.

Although nearly half of those asked stated they were not very confident they had the infrastructure in place to guard against AI assaults, 86% of organisations in Asia Pacific expect the adoption of AI by cybercriminals to increase the number of identity-based threats.

Because attackers can now be significantly more sophisticated thanks to artificial intelligence, this necessitates authentication and verification services. It takes strategic planning and well-thought-out tactics that are up to date with the most cutting-edge technologies available today to thwart these attacks. Companies that offer authorisation, verification, and authentication technology to businesses for their employees and clients are poised to combat rising security issues.

The survey indicates that just 37% of respondents claimed to have implemented a strategy to use Decentralised Identity (DCI) as a protection against fraud, but more are starting to offer DCI. By empowering people to own and manage their identity data, DCI solutions improve security and privacy while lowering reliance on centralised data systems. These credentials provide people with an impenetrable means of self-authentication. By instantaneously building trust with people based on their digital credentials, DCI lowers the risk of identity theft for individuals and enhances security for companies. However, that is only one aspect of a comprehensive plan.

Clear guidelines are essential

It is imperative for leaders to establish clear and concise policies inside their businesses. CEOs and their teams should create clear guidelines to reassure employees that they won’t ever be asked to perform odd or unexpected tasks, including buying gift cards—a common phishing tactic. Over time, scammers will shift from targeting CEOs to assuming the virtual identities of other employees. Organisational readiness is essential since these con artists will target everyone, including directors, vice presidents, and colleagues.

The potential risks associated with utilising deepfake technologies on business tools should be taken into account by the corporate sector. The first line of protection against these risks is the establishment of these guidelines.

Using multiple methods to verify requests

Organisations that want to combat deepfakes successfully need to employ a variety of authentication strategies. For example, today’s fraudsters are not deterred by a single form of authentication, such as a fingerprint or facial recognition system. You need many authentication components to prevail in the fight without compromising the user’s frictionless experiences.

Strategies to improve resilience against deepfakes and phishing attempts include prioritising cybersecurity awareness training across the organisation and creating a positive environment where reporting of anything suspicious is easy and encouraged. Organisations should have strong access controls in place and use strong phishing resistant authentication methods to avoid account takeovers, continuously analyse contextual risk signals and consider strong multi-party approvals for significant business transactions. Additionally, organisations should consider in-app authentication capabilities that can be used to request confirmation from a user by using a securely enrolled mobile device with push notifications or digital identity wallets.

Creating Awareness

Consistent training is the main factor that determines an employee’s awareness of deepfakes and other identity theft techniques. This kind of training will educate employees—who may not be familiar with deepfakes—and emphasise the importance of being on the lookout for false material on the internet. If employees aren’t constantly reminded of the dangers of deepfakes, they could get complacent and leave the organisation vulnerable to cyberattacks.

The saying “Trust nothing, verify everything” aptly describes the state of the world today. Put otherwise, until anything is verified, it cannot be considered authentic. These days, sophisticated and frequent deepfakes are a common occurrence in our communities. As a result, companies need to have clearly established procedures, several channels for request validation, and ongoing training. This enables them to deal with the dangers of this day and age with confidence.