704% increase in reported face swap attacks as use of deepfakes soars
Main findings:
-
704% increase in face swap attacks, a form of deepfake, from H1 to H2 2023
-
672% increase between H1 2023 and H2 2023 in the use of deepfake media deployed alongside metadata impersonation
-
353% increase in the number of malicious actors using emulators, a form of video injection attack, from the first to the second half of 2023.
-
255% increase in digital injection attacks against mobile web platforms from first to second half of 2023
-
Nearly half (47%) of information sharing groups identified by iProov analysts were created in 2023
LONDON–(BUSINESS WIRE)–iProovthe leading provider of science-based biometric identity solutions, today launched THE iProov Threat Intelligence Report 2024: The Impact of Generative AI on Remote Identity Verification. iProov’s report examines the remote identity verification threat landscape, providing first-hand insights into the anatomy of a digital injection attack and exposing threat actor methodologies, threat trends and their impacts. The report is created from data and expert analysis by the iProov Security Operations Center (iSOC).
Digital ecosystems continue to grow and multiply at record levels as organizations and governments seek to provide remote access and services to meet consumer and workforce demand. However, the unintended side effect of this growth is an ever-expanding attack surface which, coupled with the availability of easily accessible and criminally used generative artificial intelligence (AI) tools, has increased the need for verification highly secure remote identity. New iProov Threat Report reveals how bad actors are using advanced AI tools, such as convincing face swaps in tandem with emulators and other metadata manipulation methodologies (traditional cyberattack tools), to create new, largely unknown threat vectors.
Face swaps are created using generative AI tools and present a huge challenge for identity verification systems due to their ability to manipulate key characteristics of the image or videos. A face swap can easily be generated by commercially available video face swap software and is operated by transmitting the manipulated or synthetic output to a virtual camera. Unlike the human eye, advanced biometric systems can be made resilient to this type of attack.
However, in 2023, malicious actors have exploited a flaw in some systems by using cyber tools, such as emulators, to conceal the existence of virtual cameras, making it more difficult for biometric solution providers to detect. This has created a perfect storm, with attackers making face swaps and emulators their preferred tools for perpetrating identity fraud.
“Generative AI has dramatically increased the productivity levels of threat actors: these tools are relatively inexpensive, easily accessible, and can be used to create highly convincing synthesized media such as face swaps or other forms of deepfakes that can easily deceive humans. eye as well as less advanced biometric solutions. This only increases the need for highly secure remote identity verification,” says Andrew Newell, Chief Scientific Officer at iProov.
“While the data in our report highlights that face swaps are currently the deepfake of choice for threat actors, we don’t know what’s next. The only way to stay ahead of the curve is to continually monitor and identify their attacks, the frequency of attacks, who they target, what methods they use, and form a set of hypotheses about what motivates them.
The evolution of digital injection attacks
The use of emulators and metadata spoofing by malicious actors to launch digital injection attacks on different platforms was first observed by iSOC in 2022, but continued to dominate in 2023, with growth of 353% between the first and second half of 2023. An emulator is a software tool used to imitate a user’s device, such as a mobile phone. These attacks are evolving rapidly and represent significant new threats to mobile platforms: injection attacks against the mobile web increased by 255% between the first and second half of 2023.
Advances in collaboration and sophistication
Between 2022 and 2023, indiscriminate attack levels ranged between 50,000 and 100,000 times per month. We also note a considerable increase in the number of actors and an improvement in the sophistication of the tools used.
Significant growth in the number of groups engaged in exchanging information related to attacks on biometric and remote human identification or “video ID” systems has also been observed, reflecting the collaborative approach now adopted by threat actors. Among the groups identified by iProov analysts, almost half (47%) were created in 2023
New trends for 2023
There are two main types of attacks observed by iSOC: presentation attacks and digital injection attacks. Among the new trends discovered for 2023 are:
-
A significant increase in the number of packaged AI imaging tools deployed that make launching an attack much easier and faster, and this is only expected to increase.
-
There was a 672% increase between the first half of 2023 and the second half of 2023 in the use of deepfake media such as face swaps deployed alongside metadata spoofing tools. Presentation and digital injection attacks can have different levels of impact, but they can pose a significant threat when combined with traditional cyberattack tools such as metadata manipulation.
The report also includes a new section featuring case studies of prolific threat actors, whose identities have been anonymized. These case studies evaluate the sophistication of each actor’s attack methodologies, efforts, and frequency. This analysis provides invaluable insights and helps iProov continually improve the security of its biometric platform, helping to minimize the risk of exploitation for organizations from current and future remote identity verification transactions.
The iProov Biometric Threat Intelligence 2023 report is based on data from iProov Security Operations Center (iSOC) and expert analysis. To download a copy click here.
About iProov
iProov provides science-based facial biometric identity solutions to governments and businesses around the world. The company’s suite of multi-dimensional biometric solutions enables organizations to deliver remote onboarding and authentication for secure, effortless digital and physical access. Used by organizations such as the Australian Taxation Office, GovTech Singapore, ING, Rabobank, UBS, UK Home Office, UK National Health Service (NHS), the US Department of Homeland Security’s iProov biometric facial verification technology offers the most high levels of identity assurance in conjunction with an unrivaled customer experience. iProov Biometric Solutions Suite is protected by iProov Security Operations Center (iSOC), a 24/7 active threat management service. iProov Recognized as an Innovation Leader by Industry Analyst KuppingerCole, in the Leadership Compass report, Providers of Verified Identity 2022. In 2023, iProov was named to Gartner’s Buying Guide for Identity Verification. For more information, please see www.iproov.com or follow LinkedIn Or Twitter.
Contacts
Louise Burke
Global PR Manager
iProov
