4 in 10 businesses have already seen deepfakes, injection attacks
Deepfakes have suddenly become much easier to create with the launch of generative AI based on large-language models. Over 40 percent of businesses or their customers have already encountered deepfake attacks, and nearly as many have experienced injection attacks, according to survey results shared by ID R&D CEO and Co-founder Alexey Khitrov in a Biometric Update webinar last week.
The figures could be even higher, as some are likely to have experienced attacks they are not yet aware of. How much of a threat this development poses to the field of biometrics and to cybersecurity in general was discussed in-depth with Frances Zelazny, CEO and co-founder of Anonybit.
They agreed that sophisticated attacks pose a threat that most organizations are still vulnerable to somewhere within their business processes.
The good news, Zelazny says, is that the basic concepts behind even attacks made with the newest technologies are familiar to professional in the field of cybersecurity. Between the best practices already established within the industry, and the technologies that Khitrov believes are already capable of spotting even sophisticated fakes, so long as they are properly implemented.
Zelazny emphasizes the need for the many parts in the lifecycle of the customer identity to be connected properly to each other. A robust biometric identity verification process during enrollment may catch deepfakes and injection attacks, for example, that are subsequently allowed into the system through a less-robust account recovery process.
The tendency of many businesses to respond to identity fraud challenges by collecting more personal data runs the risk of exacerbating the problem if the stored data is not adequately secured. Breached data both provides the data attackers need to break through the weak point in businesses’ defenses, but also fuels the training of deepfakes used in biometric presentation or injection attacks.
The webinar is available for free on-demand with registration.