How a Social Media Fad Is Turning into a Cyber, Fraud Risk for Insurers
Powered by InsuranceJournal.tv
Anyone who uses social media has probably come across deepfakes, which refer to media such as videos, photos or audio that have been modified using artificial intelligence.
Deepfakes have become increasingly common in entertainment, internet memes and social media over the past few years. However, as the technology becomes more advanced, it’s raising questions over the impact to insurers as they attempt to fight fraud or prepare for cyber attacks.
“Deepfakes are a moving target, and I mean, if we want to talk about the insurance industry, it’s probably something that was viewed as sort of this novelty out on social media for a while,” says Nicos Vekiarides, CEO and co-founder of software company Attestiv, in this episode of the Insuring Cyber Podcast.
However, Nicos explains that the COVID-19 pandemic in particular has led a lot of insurers to move to self-service, in which photos to accompany claims are taken and provided by insureds rather than adjusters.
“It creates this level of trust,” he says. “And that means that there’s a lot more exposure for insurance companies to this new form of media fraud. Are the photos or videos that I’m getting from my insured – are they real or not?”
Attestiv works to verify the authenticity of digital media and data to prevent fraud and risk, and Nicos says whether it comes to reputational damage or cyber threats, deepfakes have escalated the risks for insurers.
“I think insurance companies might be well-positioned to help drive a solution by encouraging their customers and maybe even rewarding businesses for taking steps to mitigate their exposure to fake media and deepfakes,” he says. “Think of it as sort of the equivalent of the safe driver credit for running a business. If you’ve put in place a solution that can help prevent or detect or mitigate the effect of deepfakes, you’re really reducing your risk. So I think that’s very important going forward.”
In its recent report titled Social Engineering: Blurring reality and fake, CyberCube says the ability to create realistic fake audio and video using artificial intelligence and machine learning has grown steadily and could become a major cyber threat to businesses and cyber insurers within the next two years.
“What we say in the report is not necessarily that deepfakes, along with other socially engineered attack technologies, will open up brand new attack categories,” says Darren Thomson, author of the report and CyberCube’s head of cybersecurity strategy, later in this episode. “But what we are saying is that they’re very likely to supercharge existing attack strategies…so that’s definitely a dynamic that we think the insurance industry needs to keep an eye on.”
He adds that for insurers already worried about ransomware, emerging technologies powered by AI could likely supercharge ransomware and other attack types.
“This is always a cat and mouse game between the side of defenders and the cyber attackers,” he says. “Technologies are emerging now to detect deepfakes, for example, and to apply clever algorithms to try to detect when a video is not real. So it’s important that the insurance industry keep track of not just what the adversary’s doing, but also what the defenders are doing and to be constantly in touch with their clients around what defenses are being stood up in response to these emerging attacks.”
To find out what else Nicos and Darren have to say, check out the most recent episode of The Insuring Cyber Podcast and be sure to tune in for new episodes every other Wednesday published along with the Insuring Cyber newsletter.