Deepfakes, API attacks on the rise following Ukraine war

The use of deepfakes to evade security controls and compromise organisations is on the rise among cybercriminals, with researchers seeing a 13% increase in the use of deepfakes compared with last year, said a new report. Deepfakes use deep learning artificial intelligence (AI) to replace the likeness of one person with another in video and other digital media.

The findings from US-based cloud computing and virtualisation firm VMware's eighth annual ‘Global Incident Response Threat Report’, which surveyed 125 cybersecurity professionals from around the world, also revealed an uptick in the overall cybersecurity attacks since Russia's invasion of Ukraine, as stated by two-thirds (65%) of those professionals.

“Cybercriminals are now incorporating deepfakes into their attack methods to evade security controls,” said Rick McElroy, principal cybersecurity strategist at VMware.

“Two out of three respondents in our report saw malicious deepfakes used as part of an attack, a 13% increase from last year, with email as the top delivery method. Cybercriminals have evolved beyond using synthetic video and audio simply for influence operations or disinformation campaigns. Their new goal is to use deepfake technology to compromise organisations and gain access to their environment,” added McElroy.

The study also noted that application programming interface (APIs) or software that allows applications to talk to each other were “the next frontier” for attackers, which saw an increase by nearly a quarter (23%) over last year. "The most common types of API attacks include data exposure, structured query language (SQL) attacks, API injection attacks and distributed denial-of-service (DDoS) attacks," said the study.

Besides, a startling 47% of security professionals said that they experienced burnout or extreme stress in the past 12 months, a small decline from 51% in 2021. Additionally, e-crime groups’ collaborations on the dark web fortify ransomware attackers’ cyber extortion strategies, with 57% of respondents claiming to encounter such attacks in the past 12 months.

“In order to defend against the broadening attack surface, security teams need an adequate level of visibility across workloads, devices, users and networks to detect, protect, and respond to cyber threats,” said Chad Skipper, global security technologist at VMware.