Since their appearance in December 2017, deepfakes, videos with an almost perfect face replacement created by a neural network, have caused panic among experts. Many, for example, were then afraid that now “revenge porn” would become even easier, when an ex-boyfriend with a sufficiently powerful PC could make any dirty porn with his girlfriend. And Natalie Portman and Scarlett Johansson, about whom a lot of deepfake porn was filmed, publicly cursed the Internet.
To combat the looming threat, Facebook and Microsoft recently put together a coalition to fight deepfakes, offering a $10 million prize fund to developers who come up with the best algorithms to detect them. That's on top of DARPA, the Defense Department's research agency, which has committed $68 million to the effort over the past two years.
Well, it's already late. The first deepfake crime has already taken place.
In March of this year, the managing director of a British energy company was robbed of €220,000 (about $240,000), according to the Wall Street Journal. He sent this money to the supplier company in Hungary because his boss, the head of the parent company in Germany, confirmed this instruction to him several times. But in reality, some cunning attacker simply used software with AI technologies to replace the face and voice of the executive in real time, and demand that he pay him within an hour.
The program the thief used was able to completely imitate a person's voice: tone, punctuation, even a German accent. The message came from the boss's address in Germany; in confirmation, an e-mail with contacts was sent to the British director. It was possible to assume that something was going wrong except at the request of the boss to carry out the entire transaction as quickly as possible, but this is not the first emergency that happened in their business.
As a result, all the money was gone. From the Hungarian account they were transferred to Mexico, and then scattered around the world. But the thieves didn't stop there. They asked for a second urgent transfer so that “deliveries from Hungary” would “go even faster.” At this point the British director sensed something was wrong and called his real boss. It turned out to be somewhat surreal: he took turns receiving calls from either a fake or a real leader, speaking in the same voices. The name of the company and its employees have not been disclosed because the case is under investigation and the thieves have not yet been found.
This may not even be the first theft using Deepfake AI (or its advanced successors). Symantec says it has spotted at least three cases in which voice replacement helped thieves trick companies into sending them money. In one of these cases, damages amounted to millions of dollars. Moreover, judging by indirect evidence, this trick was performed by other criminals - not those who robbed the British CEO. That is, deepfake crimes are gradually becoming common property; this is not the invention of some brilliant hacker.
In fact, soon any schoolchild will be able to do this procedure. The main thing is to find a sufficiently gullible victim and collect the required number of video/audio samples to impersonate whoever is needed. Google Duplex already successfully mimics the voice of a real person in order to make calls on their behalf. Many small startups, mostly from China, are working to offer deepfake-like services for free. Different deepfake programs even compete with each other to see who can generate a convincing enough video of a person using the minimum amount of data. Some say that soon one photo of you will be enough for them.
In July, Israel's National Cyber Threat Defense Authority issued a warning about a fundamentally new type of cyber attack that could be aimed at company management, senior employees and even high-ranking officials. This is the first and currently the most real AI threat. They say there are already programs that can perfectly convey your voice and accent after listening to you for 20 minutes. If somewhere online there is a recording of you speaking for half an hour, or if someone sat next to you for a while in a cafe with a voice recorder, your voice can now be used to say anything to anyone.
So far there are no tools to combat this. There is only one option to defend yourself. If someone calls you and asks you to transfer a significant amount of money, it would not be superfluous to confirm that this is the same person through another channel. Through instant messengers, Skype, e-mail, corporate channels or social networks. And ideally, of course, face to face.
Well, if you have deep knowledge of machine learning and don’t mind getting a piece of the $10 million pie, you can try your hand at the Microsoft and Facebook competition. Or establish your own startup, offering the state and reputable companies a business solution for identifying deepfakes by picture or voice. We will soon not be able to do without this.
P.S. Pochtoy.com can deliver any goods from the USA. Now - not only to Russia, but also to Ukraine, thanks to cooperation with Novaya Poshta. The cost of a 0.5 kg parcel starts from $11.99 (for Ukraine – from $8.00). For new registrations with promo code HABR - 7% discount on the first delivery, plus free purchase from American stores by our operators.
