Connect with us

Hi, what are you looking for?


Fraud & Identity Theft

US Agencies Publish Cybersecurity Report on Deepfake Threats

CISA, FBI and NSA have published a cybersecurity report on deepfakes and recommendations for identifying and responding to such threats.

Deepfake cybersecurity

Several US government agencies on Tuesday published a cybersecurity information sheet focusing on the threat posed by deepfakes and how organizations can identify and respond to deepfakes.

Deepfake is a term used to describe synthetic media — typically fake images and videos. Deepfakes have been around for a long time, but advancements in artificial intelligence (AI) and machine learning (ML) have made it easier and less costly to create highly realistic deepfakes. 

Deepfakes can be useful for propaganda and misinformation operations. For example, deepfakes of both Russia’s president, Vladimir Putin, and his Ukrainian counterpart, Volodymyr Zelensky, have emerged since the start of the war.

However, in their new report, the FBI, NSA and CISA warn that deepfakes can also pose a significant threat to organizations, including government, national security, defense, and critical infrastructure organizations. 

“Organizations and their employees may be vulnerable to deepfake tradecraft and techniques which may include fake online accounts used in social engineering attempts, fraudulent text and voice messages used to avoid technical defenses, faked videos used to spread disinformation, and other techniques,” the agencies said. “Many organizations are attractive targets for advanced actors and criminals interested in executive impersonation, financial fraud, and illegitimate access to internal communications and operations.”

Specifically, malicious actors could, for instance, create video and audio content impersonating executives for brand manipulation or in an effort to influence stock prices. 

Another example involves cybercriminals using deepfakes for social engineering. This can include business email compromise (BEC) attacks and cryptocurrency scams.  

Advertisement. Scroll to continue reading.

Deepfakes could also be leveraged to impersonate someone in an effort to gain access to a user account or valuable data, such as proprietary information, internal security details, or financial information. 

To show that deepfake threats are not just theoretical, the agencies provided two real-world examples of attacks that occurred in May 2023. In one of the attacks, a malicious actor used synthetic audio and visual media techniques to impersonate a CEO and target the company’s product line manager. 

In the second incident, profit-driven cybercriminals used a combination of audio, video and text message deepfakes to impersonate an executive and attempt to convince an employee to wire money to the attackers. 

The report provides a summary of current efforts to detect deepfakes and authenticate media (for example, watermarks). The list includes initiatives from DARPA, DeepMedia, Microsoft, Intel, Google, and Adobe. 

The agencies have made a series of recommendations for implementing technology to detect deepfakes and demonstrate media provenance. In addition, they urge organizations to protect the data of important individuals that may be targeted — deepfakes are more realistic if the attacker possesses the target’s personal information and has significant amounts of unwatermarked media content that they can feed to their deepfake creation software. 

Organizations are also advised to implement measures that can help minimize the impact of deepfakes. This includes creating a response plan in case executives are targeted (including conducting tabletop exercises), sharing experiences with the US government, and training personnel to spot deepfakes. 

Related: Pre-Deepfake Campaign Targets Putin Critics

Related: The Growing Threat of Deepfake Videos

Related: Defeating the Deepfake Danger

Related: Deepfakes – Significant or Hyped Threat?

Related: Deepfakes Are a Growing Threat to Cybersecurity and Society: Europol

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.