Fake News, Deepfake Threats in Play for Security Providers
Battling these emerging threats presents a new opportunity for MSSPs. Here’s how.
July 26, 2019
MSSPs are aware that the attack surface is expanding. But they might not yet realize that it’s branching out into new spaces like fake news too.
Fake news and deepfake threats are “not exactly a cybersecurity issue in terms of the usual data theft or operational disruption of services,” said Chris Morales, head of security analytics at Vectra. Instead, fake news and deepfakes threaten a company’s reputation or brand value and can be extremely damaging. Can MSSPs help protect against these attacks too? And if so, could this be a new revenue stream for security providers?
Framing the Fake News and Deepfake Threats
Deepfake videos are already making an impact on companies — even on tech companies with software in place to detect and quell fake news. For example, a deepfake video of Facebook’s Mark Zuckerberg recently tested the social media giant’s fake video policies and broke through its safeguards.
Deepfakes can take many different approaches in the quest to harm a brand or individual. Some examples include fake sex tapes, political statements, urgings of civil unrest, racist or sexist commentary, crime surveillance videos, and other damaging “evidence” of misdeeds. Deepfakes and fake news threats can also serve as extensions to, or improvements upon, existing threats like phishing.
Webroot’s Hal Lonas
“Cybersecurity professionals know that this technology is now being used to create high-fidelity phishing attacks where the phishing target – such as a financial institution, health care provider, auction site, or email provider – is indistinguishable from the real entity,” explains Hal Lonas, chief technology officer at Webroot.
“You can also imagine scenarios where a competitor creates a deepfake video with another company’s CEO making false statements, or user testimonials reporting problems with the company’s products. As a result, MSSPs and MSPs should consider ways to help protect themselves and their customers.”
Often victims have no idea the deepfakes or fake news is on the internet until it’s spread too far to stop and the damage is done. There are no data backups or antivirus software capable of finding these threats, much less stopping them.
How MSSPs Can Help Stem Fake News, Deepfake Threats
“If as an MSSP you are supporting the security risk-management process for your customers, then the risks associated with fake news should definitely be considered,” said Joakim Sundberg, CEO and Founder of Baffin Bay Networks.
Baffin Bay’s Joakim Sundberg
“Many of the risks can vary quite a bit based on the industry verticals you support,” Sundberg added. “As you’re considering the who, the how and the whys of fake news, it is important to consider future uses by customer’s competitors, disgruntled former employees, hacktivists and potentially organized crime if they figure out a way to monetize it.”
While there are some tools and platforms that can assist MSSPs in dealing with this line of threats, new AI applications look to be the best counter to the AI creating this stuff in the first place. But that’s not to say this will be an easy task.
The sheer scale of proactive monitoring and news validation is daunting and “very tedious using human capital,” says Morales. This makes it a perfect candidate for …
… machine learning and automation.
“Even then, it would still be difficult to properly validate every news story and to identify every possible source. I would think a machine-learning engine would start with the most popular social media sites like Facebook and Twitter. It would then correlate stories on those sites with news releases from the company’s website and any valid media that was fed to the engine,” said Morales.
Vectra’s Chris Morales
“I think a valid service would have to go to this level to be accurate. There’s too much room for human error here,” Morales added.
Moneymaking Potential for MSSPs and MSPs
While it’s clear that the bad guys are looking for ways to monetize fake news and deepfakes and settling for indirect rewards like revenge and activist payback in the meantime, MSSPs and MSPs are looking hard at monetizing this new line of defense – directly or indirectly – too.
“There is an opportunity for managed service providers to focus on selling cybersecurity solutions and data protection offerings to help businesses quickly get on their feet when an incident occurs. Such solutions help the service providers to deliver more customer value, and ultimately justify per-seat increases in revenue,” explained Lonas.
There is the impact on your own MSSP or MSP brand as well to consider while making your monetization plans.
“This particular set of risks is still in an emerging state and likely to grow over time. Part of staying relevant in the security industry is understanding emerging issues and considering how to address them. So, short term, it may be a market differentiator for MSSPs that choose to consider fake-news risks, and long term it will likely be a requirement of distinguishing customers,” said Sundberg.
For those with the chops to innovate, developing a custom approach to mitigate these emerging risks would likely result in a strong market advantage that would last for years.
“As GPUs, video editing and production tools continue to evolve, more and more image compute horsepower is being put in the hands of bad actors. Perhaps the scariest scenario is the use of AI becoming a component of the production of fake news threats like deepfakes, where it could be used to automatically edit out artifacts and glitches that can be used today to differentiate between real and fake,” said Lonas.
“The industry should be thinking about how to turn this on its head, potentially using that same AI technology to help combat these threats,” Lonas added.
Tips on Addressing Fake News and Deepfake Threats
Because fake news and deepfakes aren’t new – just more efficiently produced and distributed given the advances in technology – earlier protective measures can be adopted, upgraded and put into play.
“Accurate threat intelligence can combat fake news and deepfake threats. It’s important that the threat intelligence be fully integrated with the end user’s technology; threats change moment to moment and static lists are no longer sufficient defense against modern threats,” said Lonas.
But there are other tips …
… that may help MSSPs and MSPs begin to get a handle on these revitalized threats. Webroot’s Lonas said these are his top tips:
Like many other cyberthreats, education is crucial to addressing this. Incorporating resources like security awareness training can help MSSPs, and ultimately their customers, stay up to date on the latest attack techniques, including fake news threats, with real-world examples to reduce their risk exposure.
Cutting-edge phishing detection technology can also protect users at the endpoint or network level. While fake news and deepfakes are very difficult to detect by humans, machine learning and artificial intelligence can produce super-accurate threat intelligence to counter these threats.
Baffin Bay Networks’ Sundberg offered these tips for MSSPs:
There are a handful of threat intelligence platforms that aggregate social media and news sources and can be used for brand and reputation monitoring. This type of platform, along with trained threat intelligence analysts is a potentially effective way of monitoring for and addressing potential issues. There is a great educational resource on “Data Reasoning in the Digital World” here.
As we consider fake news and disinformation campaigns, it’s important to note that they aren’t new, they have just become much more effective. The most effective campaigns are also in large part government-sponsored activity, and we know that over time these activities tend to be adopted by other types of attackers. One of the first people I followed to get a better understanding of Russian disinformation campaigns is Professor Kate Starboard at University of Washington.
You can build incident response practices to limit reputation damage and other exposures should your customers be impacted directly or indirectly by fake news. You can offer brand monitoring and other social media monitoring to identify potential impacts on your customers.
You can support the contracting efforts of your customers to add protections when they are contracting with advertisers or other businesses that have a potential to expose them to issues through association with fake news.
You can offer employee education on social media risks. You can support your customers’ development of policy and guidelines around social media usage. You can support creating streamlined process for handling abuse complaints and takedown and content takedowns.
Read more about:
MSPsAbout the Author
You May Also Like