Darkreading.com reported that “As applied use of AI/ML [Artificial Intelligence/Machine Learning] starts to advance and spread throughout a plethora of business and technology use cases, security experts are going to need to help their colleagues in the business start to address new risks, new threat models, new domains of expertise, and, yes, sometimes new security solutions.” The December 30, 2019 report entitled “How AI and Cybersecurity Will Intersect in 2020” included these comments about topic #2 Deepfake Audio Takes BEC Attacks into a New Arena:
Business email compromise (BEC) has cost organizations billions of dollars as attackers pose as CEOs and other senior-level managers to trick people in charge of banking accounts to make fraudulent transfers in the guise of closing a deal or otherwise getting business done.
Now attackers are taking BEC attacks to a new arena with the use of AI technology: the telephone.
[2019] This year we saw one of the first reports of an incident where an attacker used deepfake audio to impersonate a company CEO over the phone in order to trick someone at a British energy firm to wire $240,000 to a specious bank account.
Experts believe we will see increased use of AI-powered deepfake audio of CEOs to carry out BEC-style attacks in 2020.
Here are all 6 risks and threats in the report:
- AI/ML Data Poisoning and
Sabotage
- Deepfake Audio Takes BEC Attacks into
a New Arena
- AI-Powered Malware Evasion
- Biometric's Cat-and-Mouse
Game
- Differential Privacy Gains Steam to
Protect Analytics Data
- Hard Lessons About AI Ethics and
Fairness
No doubt that AI will be exposed to cyber risk in 2020!
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.