FEATURE
Adversaries to generate
deepfakes to bypass
facial recognition
Computer-based facial recognition, in its
earliest forms, has been around since
the mid-1960s. While dramatic changes
have since taken place, the underlying
concept remains: it provides a means
for a computer to identify or verify a
face. There are many use cases for the
technology, most related to authentication
and to answer a single question: is this
person who they claim to be?
As time moves on, the pace of
technology has brought increased
processing power, memory and storage
to facial recognition technology.
New products have leveraged facial
recognition in innovative ways to simplify
everyday life, from unlocking smart
phones, to passport ID verification in
airports and even as a law enforcement
aid to identify criminals on the street.
One of the most prevalent
enhancements to facial recognition
is the advancement of Artificial
Intelligence (AI). A recent manifestation
of this is deepfakes, an AI-driven
technique producing extremely realistic
text, images and videos that are difficult
for humans to discern real from fake.
Generative Adversarial Networks (GANs)
is a recent analytic technology that,
on the downside, can create fake but
incredibly realistic images, text and
videos. Enhanced computers can rapidly
process numerous biometrics of a face
and mathematically build or classify
human features, among many other
applications. While the technical benefits
are impressive, underlying flaws inherent
in all types of models represent a rapidly
growing threat, which cybercriminals will
look to exploit.
As technologies are adopted over the
coming years, a very viable threat vector
will emerge and we predict adversaries
will begin to generate deepfakes to
bypass facial recognition. It will be
critical for businesses to understand
the security risks presented by facial
recognition and other biometric systems
and invest in educating themselves
50
We predict the ability
of an untrained class
to create deepfakes
will enhance an
increase in quantity
of misinformation.
about the risks as well as hardening
critical systems.
Ransomware attacks to morph into
two-stage extortion campaigns
In McAfee’s 2019 Threat Predictions
Report, we predicted cybercriminals
would partner more closely to boost
threats; over the course of the year,
we observed exactly that. Ransomware
groups used pre-infected machines
from other malware campaigns or used
remote desktop protocol (RDP) as an
initial launch point for their campaign.
These types of attacks required
collaboration between groups. This
partnership drove efficient, targeted
attacks which increased profitability
and caused more economic damage.
In fact, Europol’s Internet Organised
Crime Threat Assessment (IOCTA)
named ransomware the top threat that
companies, consumers and the public
sector faced in 2019.
Based on what McAfee Advanced
Threat Research (ATR) is seeing in the
underground, we expect criminals to
exploit their extortion victims even more
moving forward. The rise of targeted
ransomware has created a growing
demand for compromised corporate
networks. This demand is met by
criminals who specialise in penetrating
corporate networks and sell complete
network access in one-go.
For 2020, we predict the targeted
penetration of corporate networks will
continue to grow and ultimately give way
to two-stage extortion attacks. In the
first stage cybercriminals will deliver a
crippling ransomware attack, extorting
victims to get their files back. In the
second stage, criminals will target the
recovering ransomware victims again with
an extortion attack but this time they will
threaten to disclose the sensitive data
stolen before the ransomware attack.
During our research on Sodinobiki
we observed two-stage attacks, with
cryptocurrency miners installed before
an actual ransomware attack took place.
For 2020, we predict that cybercriminals
will increasingly exfiltrate sensitive
corporate information prior to a targeted
ransomware attack to sell the stolen
data online or to extort the victim and
increase monetisation. u
Issue 21
|
www.intelligentciso.com