LIM Center, Aleje Jerozolimskie 65/79, 00-697 Warsaw, Poland
+48 (22) 364 58 00

The National Security Agency (NSA) Issues Guidance on Deepfake Threats

The National Security Agency (NSA) Issues Guidance on Deepfake Threats

The National Security Agency (NSA) Issues Guidance on Deepfake Threats

The National Security Agency (NSA) and its federal agency partners, including the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA), have released a joint Cybersecurity Information Sheet (CSI) to address the emerging threat of deepfakes. Deepfakes refer to multimedia content that has been synthetically created or manipulated using artificial intelligence (AI) and machine learning technologies.

The CSI, titled “Contextualizing Deepfake Threats to Organizations,” aims to assist organizations in identifying, defending against, and responding to deepfake threats. It advises organizations to implement technologies such as real-time verification capabilities, passive detection techniques, and protection measures for high-level personnel and their communications to detect and mitigate deepfakes.

The term “deepfake” encompasses various forms of artificially generated or manipulated media, including shallow/cheap fakes, generative AI, and computer-generated imagery (CGI). The ease and scale with which cyber actors can now use these techniques pose a unique challenge to national security.

The consequences of deepfake threats can be wide-ranging. They can undermine organizations’ brands and finances by impersonating leaders and financial officers or using fraudulent communications to gain access to networks and sensitive information. Additionally, synthetic media has the potential to cause public unrest by spreading false information on political, social, military, or economic issues.

Technological advancements in computational power and deep learning have made the mass production of fake media easier and more affordable. Open-source repositories like GitHub already offer ready-to-use deep learning-based algorithms, making the application of these technologies accessible to individuals with minimal technical skill and equipment.

To address these evolving threats, the NSA, FBI, and CISA urge security professionals to implement the strategies outlined in the CSI. Organizations should prioritize information sharing, plan and rehearse responses to exploitation attempts, and provide personnel training to minimize the impact of deepfakes.