False Face: Unit 42 Demonstrates the Alarming Ease of Synthetic Identity Creation
Contents
Executive Summary
Evidence suggests that North Korean IT workers are using real-time deepfake technology to infiltrate organizations through remote work positions, which poses significant security, legal and compliance risks. The detection strategies we outline in this report provide security and HR teams with practical guidance to strengthen their hiring processes against this threat.
In our demonstration, it took just over an hour with no prior experience to figure out how to create a real-time deepfake using readily available tools and cheap consumer hardware. This allows adversaries to easily create convincing synthetic identities, enabling them to operate undetected and potentially generate revenue for sanctioned regimes.
While we can still detect limitations in current deepfake technology, these limitations are rapidly diminishing. Organizations must implement layered defenses by combining enhanced verification procedures, technical controls and ongoing monitoring throughout the employee lifecycle.
Palo Alto Networks customers are better protected from the threats discussed in this article through Unit …
Evidence suggests that North Korean IT workers are using real-time deepfake technology to infiltrate organizations through remote work positions, which poses significant security, legal and compliance risks. The detection strategies we outline in this report provide security and HR teams with practical guidance to strengthen their hiring processes against this threat.
In our demonstration, it took just over an hour with no prior experience to figure out how to create a real-time deepfake using readily available tools and cheap consumer hardware. This allows adversaries to easily create convincing synthetic identities, enabling them to operate undetected and potentially generate revenue for sanctioned regimes.
While we can still detect limitations in current deepfake technology, these limitations are rapidly diminishing. Organizations must implement layered defenses by combining enhanced verification procedures, technical controls and ongoing monitoring throughout the employee lifecycle.
Palo Alto Networks customers are better protected from the threats discussed in this article through Unit …