Don’t discount the risk of deepfakes to the enterprise
Many security researchers are now predicting that deepfakes could become a major security threat in the 2021-2022 period. Where is the threat and what can you do about it?
Social engineering is a defined domain within the social sciences that focuses on efforts to influence particular attitudes and social behaviors. In recent years, there has been a recognition that social engineering plays a huge part in the execution of cybersecurity attacks. Specifically, social engineering in a technical context can be defined as the act of exploiting human weaknesses to gain access to personal information and protected systems; it relies on manipulating individuals rather than hacking computer systems to penetrate a targeted system.
Traditionally, social engineering techniques have been categorized as either physical or non-physical (often termed “technical” where computer systems are used as the basis for attack). Physical manifestations of social engineering involve a physical act on the part of the criminal that grants access or steals information. Non-physical social engineering involves use of authority, playing on emotions such as greed, curiosity and anger as well as the use of impersonation. The intersection of “non-physical” and “technical” social engineering is where criminals are mostly focused today.