NCRCG CyberVersed Podcast: Episode 43 - Deep Fakes

The National Cyber Resilience Centre Group have just released Episode 43 of their podcast, 'CyberVersed', speaking about the issue of deep fakes.

In episode 43, Mandy Haeburn-Little is joined by Joseph Boland-Scott, Security Product Marketing Lead at Microsoft, to discuss the topical issue of Deep Fakes.

In a light-hearted start to the conversation, Mandy opens by asking Joe how she can be sure that it really was him on the call. Joe responds by providing some great suggestions about how you can look out for specific audio or video cues to help spot fake audio and video.

Joe goes on to explain the difference between Deep Fake and AI-generated content; in general terms, he explains that AI content is created from scratch for legitimate purposes, whereas Deep Fake is more about image, video and voice manipulation and is more often than not used much more for malicious purposes.

Mandy and Joe then chat about the areas we are seeing Deep Fakes being used, to which Joe provides some of the more common examples, such as in the onboarding of new employees remotely, where the team has never met the new employee. In these helpdesk vulnerabilities, cybercriminals are posing as current employees looking to restore access to their devices.

Mandy then asks what you should do when you suspect something is not quite right. Joe outlines typical things to look for when you don't feel everything is 100% right. Primarily, question if the person you think you're speaking to would contact you on a particular channel, or would they make such a request at an unusual hour?

By way of encouragement, Joe points to the fact that people are generally much more aware of telephone scamming than they were a few years ago. So, he suggests, in the same way, people will get better at questioning the authenticity of audio and video content. However, he emphasises that awareness is only a small part of the solution; there is a need for much greater collaboration among tech, policy and education to combat the increasing criminal use of Deep Fake.

It is a fascinating insight into the world of Deep Fakes, and how to identify and protect yourself against this growing threat.

Microsoft has many resources and guidance to help with cybersecurity awareness. You can explore these here.

Joe also refers to Microsoft's Digital Defence Report, which you can download here.

If you would like to listen to the podcast, you can find this episode below or listen via the NCRCG website.

Reporting a live cyber-attack 24/7:

If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress) please call Action Fraud on 0300 123 2040 immediately. This service is available 24 hours a day 7 days a week.

Reporting a cyber-attack which isn’t ongoing:

Please report online to Action Fraud, the UK’s national reporting centre for fraud and cybercrime. You can report cybercrime online at any time using the online reporting tool, which will guide you through simple questions to identify what has happened. Action Fraud advisors can also provide the help, support, and advice you need.

Alternatively, you can call Action Fraud on 0300 123 2040 (textphone 0300 123 2050).