Cybersecurity in a Race to Unmask a New Wave of AI-Borne Deepfakes

Kevin Mandia, CEO of Mandiant at Google Cloud, calls for content watermarks as the industry braces for a barrage of mind-bending AI-generated fake audio and video traffic.

RSA CONFERENCE 2024 – San Francisco –
Everyones talking about deepfakes, but the majority of AI-generated synthetic media circulating today will seem quaint in comparison to the sophistication and volume of whats about to come.
Kevin Mandia
, CEO of Mandiant at Google Cloud, says its likely a matter of months before the next generation of more realistic and convincing deepfake audio and video become mass-produced with AI technology. I dont think its [deepfake content] been good enough yet, Mandia said here in an interview with Dark Reading. We are right before the storm of synthetic media hitting, where its really a mass manipulation of peoples hearts and minds.
The election year is of course a factor in the
expected boom
in deepfakes. The relative good news is that to date, most audio and video deepfakes have been fairly simple to spot either by existing detection tools or savvy humans. Voice-identity security vendor Pindrop says it can ID and stop most phony audio clips, and many AI image-creation tools infamously fail to render realistic-looking human hands — some generating hands with nine fingers, for example — a dead giveaway of a phony image.
Security tools that detect synthetic media are just now hitting the industry, including that of Reality Defender, a startup that detects AI-generated media, which was named the
Most Innovative Startup of 2024
here this week in the RSA Conference Innovation Sandbox competition.
Mandia, who says he is an investor in a startup working on AI-generated content fraud detection called Real Factors, says the main way to stop deepfakes from fooling users and overshadowing real content is for content-makers to embed watermarks. Microsoft Teams and Google Meet clients, for example, would be watermarked, he says, with immutable metadata, signed files, and digital certificates.
Youre going to see a huge uptick of this, at a time when privacy is being emphasized as well, he notes. Identity is going to get far better and provenance of sources will be far better, he says, to guarantee authenticity on each end.
My thought is this watermark could reflect policies and profiles of risk that each company that creates content has, Mandia explains.
Mandia warns that the next wave of AI-generated audio and video will be especially tough to detect as phony. What if you have a 10-minute video and two milliseconds of it are fake? Is the technology ever going to exist thats so good to say, Thats fake? Were going to have the infamous arms race, and defense loses in an arms race.
Cyberattacks overall have become more costly financially and reputation-wise for victim organizations, Mandia says, so its time to flip the equation and make it riskier for the threat actors themselves by doubling down on sharing attribution intel and naming names.
Weve actually gotten good at threat intelligence. But were not good at the attribution of the threat intelligence, he says. The model of continuously putting the burden on organizations to build up their defenses is not working. Were imposing cost on the wrong side of the hose, he says.
Mandia believes its time to revisit treaties with the safe harbors of cybercriminals and to double down on calling out the individuals behind the keyboard and sharing attribution data in attacks. Take the sanctions against and naming of the leader of the prolific
LockBit ransomware group
by international law enforcement this week, he says. Officials in Australia, Europe, and the US teamed up and slapped sanctions on Russian national Dmitry Yuryevich, 31, of Voronezh, Russia, for his alleged role as ringleader of the cybercrime organization. They offered a $10 million reward for information on him and released his photo, a move that Mandia applauds as the right strategy for raising the risk for the bad guys.
I think that does matter. If youre a criminal and all of a sudden the whole world has your photo, thats a problem for you. Thats a deterrent and a far bigger deterrent than raising the cost to an attacker, Mandia maintains.
Law enforcement, governments, and private industry need to revisit how to start identifying the cybercriminals effectively, he says, noting that a big challenge with unmasking is privacy and civil liberty laws in different countries. Weve got to start addressing this without impacting civil liberties, he says.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Cybersecurity in a Race to Unmask a New Wave of AI-Borne Deepfakes