NSA, FBI and CISA Release Cybersecurity Information Sheet On Deepfakes And Their Threats To Organizations

The NSA, FBI and CISA have released a CSI or cybersecurity information sheet called Contextualizing Deepfake Threats to Organizations. Here’s the TL:DR via this media alert:

Today, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Information Sheet (CSI), Contextualizing Deepfake Threats to Organizations, which provides an overview of synthetic media threats, techniques, and trends. Threats from synthetic media, such as deepfakes, have exponentially increased—presenting a growing challenge for users of modern technology and communications, including the National Security Systems (NSS), the Department of Defense (DoD), the Defense Industrial Base (DIB), and national critical infrastructure owners and operators. Between 2021 and 2022, U.S. Government agencies collaborated to establish a set of employable best practices to take in preparation and response to the growing threat. Public concern around synthetic media includes disinformation operations, designed to influence the public and spread false information about political, social, military, or economic issues to cause confusion, unrest, and uncertainty.

The authoring agencies urge organizations review the CSI for recommended steps and best practices to prepare, identify, defend against, and respond to deepfake threats.

Allen Drennan, Principal & Co-Founder, Cordoniq had this to say:

“The threat of deepfakes has been an ongoing challenge, however with the introduction of unregulated AI data mining that could provide unfettered access to media, this elevates the threat to a whole new level. Consumers who have provided photos, videos, audio and recordings to third-party social networks, email host providers and even online meeting solutions may find that their likeness is easily consumed by AI training models to better recreate deepfakes that not only look and sound like their intended target but also behave like them. Since many of these organizations maintain information for protracted periods of time as part of their terms of service, consumers may find these AI models can train against their likeness retroactively. Federal regulation of privacy as it relates to consumer provided content to companies and organizations is critical in preventing the wide-spread use of deepfakes.”

This cybersecurity information sheet is very much worth reading as this is an emerging threat that all should take seriously. And with emerging threats, it’s better to get out front of them rather than be on the defensive.

Leave a Reply

%d bloggers like this: