Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

High Alert: Deepfake Audios Now Impersonating Executives

July 22, 2019

As if deepfake videos weren’t driving us all crazy trying to discern the real from the unreal, now, according to a report in CPO Magazine, voice-swapping has begun to be used in artificial intelligence (AI) cyber attacks on businesses, allowing attackers to gain access to corporate networks and persuade employees to authorize a money transfer.

The primary use of deepfake audio is to enhance a very common type of attack – business email compromise (BEC). A business email compromise attack usually begins with some sort of phishing to gain access to the company network and investigate the payment systems. Once attackers have identified the employees who are authorized to release payments and some of the regular transactions that occur, they impersonate a CEO or CFO to pass a false authorization for a payment to an entity which appears to be one of the company’s regular business partners.

Previously, hackers have relied on forging and spoofing emails to commit BEC. The ability to use deepfake audio enhances the attack. Attackers usually rely on pressure to carry off the attack, playing the role of the executive harrying the finance employee. The ability to call these employees up on the phone and use the technology to impersonate senior leadership not only adds to the authenticity of the request but dials up the pressure.

Deepfake audio is one of the most advanced new forms of AI cyber attacks, relying on a machine learning algorithm to mimic the voice of the target. The AI uses generative adversarial networks (GAN) that constantly compete with each other; one creates a fake, the other tries to identify it as fake, and they each learn from every new attempt.

As with the fake videos, the attackers create a voice model by feeding the algorithm “training data”; all sorts of voice clips of the target, often collected from public sources like speeches, presentations, corporate videos and interviews.

However, deepfake audio is much more flexible than deepfake video at present. With deepfake video, the training model needs to be fed a base video to swap the target’s face onto. Once a robust enough deepfake audio profile is built, it can be used with specialized “text-to-speech” software to create scripts for the fake voice to read.

Not to say that creating deepfake audio is easy or cheap – it takes time and money, which is a bar to many attackers. The most advanced of these can create a voice profile by listening to 20 minutes of audio, but in most cases the process is much longer and is very resource-intensive.

Dr. Alexander Adam, data scientist at AI training lab Faculty, estimates that training a very convincing deepfake audio model costs thousands of dollars in computing resources. However, the attacks seen in the wild thus far have cleverly used background noise to mask imperfections, for example simulating someone calling from a spotty cellular phone connection or being in a busy area with a lot of traffic. I’ve got to admit – these people are crafty.

Reports on these new AI cyber attacks come from leading security firm Symantec and The Israel National Cyber Directorate (INCD), which have each issued a warning in the last several weeks.

Symantec elaborated on the computing power and the voice resources needed to create a convincing deepfake, noting that the algorithm needs an adequate amount of speech samples that capture the speaker’s natural speech rhythms and intonations. That means that attackers need access to a large body of clear voice samples from the target to properly train the algorithm. It would be prudent for upper-level executives that have the authority to issue payments to review their available body of public audio to determine how much of a risk there is, and perhaps implement added verification requirements for those individuals. Of course, the possibility that an attacker might engage a target in a phone or in-person conversation to obtain the voice data they need should also be considered as this takes its place among the more common AI cyber attacks.

Symantec is working on analysis methods that could review the audio of a call and give the recipient a probability rating of how authentic it is. There are existing technological means to prevent these attacks, but at present they would be expensive to implement and are not yet readily positioned to be adopted for addressing deepfake audio calls. One such possibility is to use a certification system for inter-organizational calls. Another is the use of blockchain technology with voice-over-IP (VoIP) calls to authenticate the caller. As you can imagine, it is (as they say) complicated.

While we wait for new technology, protection against these new AI cyber attacks ties in with basic cybersecurity in handling all forms of BEC and invoicing fraud – the foundation is employee education. Most employees are not aware of what deepfake videos are, let alone the possibility that faked audio can be used to simulate a call from a superior. Education can motivate an employee to question an unusual payment or network access request.

In addition to training, fundamental BEC protection methods like filtering and authentication frameworks for email can help to stop these attacks by preventing cyber criminals from phishing their way into the network. Standard payment protocols that require multi-factor authentication or a return call placed to the authorizing party also do a great deal to shut even the most advanced AI cyber attacks down.

So . . . as I read this sobering article, all I could think was “We’ve got another employee training in a week – time to update the PowerPoint.” Amazing how often the news generates that thought!

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson