Last week, Microsoft’s president Brad Smith stated that his biggest concern with artificial intelligence is deep fakes.
“We’re going to have to address the issues around deep fakes,” he said at a speech in Washington. “We need to take steps to protect against the alteration of legitimate content with an intent to deceive or defraud people through the use of AI.”
Deep fakes are realistic, but false, looking content that is created using artificial intelligence. AI will use a real person’s face and voice and produce a video, image, or audio that could easily fool anyone into believing that the content is true – even though the real person has never said or done it.
For the most part, videos made using deep fake technology can be fact-checked, but they could be, and have been, used maliciously. One incident saw employees fooled into believing their CEO was calling them and asking them to send a certain amount of money to a bank account.
As creating fake video using AI becomes even easier, what do we do about a world which is entirely virtual, such as the metaverse?
Gartner predicts that by 2026 25% of people will spend at least one hour a day using “the metaverse”, whether that is attending virtual events, online shopping, or heading into a digital workspace for a meeting.
The metaverse can offer a lot of positives for business, advocates claim. For one, digital twin technology can allow employees to use VR headsets to walk around a replica of their workplace (such as a factory or mine) in order to train, or even monitor machinery in real time (with a little help from IoT).
Speaking at UK Cyber Week last month, Zoe Edmeades, managing director of The Security Company, pointed out that 98% of security experts are concerned with the risks of combining the metaverse with technologies like deep fakes and AI.
While an intruder to a Zoom meeting may be more obvious, “when you’re in the metaverse, you are generally represented by either a block or cartoonist style avatar,” Edmeades states, “or a disembodied floating torso with a pair of hands – none of which looks remotely like you.”
“In a realm where everyone is represented by a digital avatar, spotting an intruder is going to be far more difficult,” she said.
The risk of an intruder finding their way into a personal business meeting is true – former UK Prime Minister Boris Johnson was exposed for using his permanent personal meeting ID on Zoom (something easily accessed), rather than the separate, individual meeting IDs for government business during the Covid-19 pandemic.
It is not just politicians, as it stands, humans have not handled taking work online the most securely in general. Companies are still failing on the basics of their cyber security. For example, 25% of the most common passwords are keyboard patterns, and the top password for 2022 is “12345”.
With statistics like these, “it’s no surprise that in 2021 there was a 90% increase in cyber-attacks,” admitted Edmeades.
With proof that the current internet still has a lot of room for improvement for business, security, wise, the “new internet”, as Edmeades called it, calls for intensive security before mistakes are made.
“Even in today’s 2D version of the internet, digital identity is a very big issue,” she said. “This has become so sophisticated that an email from your bank, a call from your insurer, or even a text message from your mother is not always as it seems.”
“So it’s going to be a minefield in the metaverse.”
To tackle this issue of deep fakes in the metaverse, the use of non-fungible tokens – blockchain-based tokens that represent a completely unique asset, usually associated with pieces of digital art or clothing – could become vital for cyber security.
“Non-fungible tokens are normally seen within the crypto world, but there is a possibility that this is something that could be used for security,” iterated Edmeades.
If your company were to make each employee’s avatar an NFT, then it will have a secure digital badge that will denote that it is the real employee speaking.
However, as commonly the main issue, it is basic employee security training that is necessary, too.
“We need to understand what the metaverse means for each of our organisations, and I strongly urge you to create new policies for your business,” said Edmeades.
“We need control, and a shift to bring privacy to the forefront. Which requires significant user education and behaviour change,” added the managing director. “Virtual reality headsets are a gateway in for malware and data, so understanding how this equipment will be used, and how it will be updated so that users understand what they actually need to do in the digital world.”
Subscribe to our Editor's weekly newsletter
Share
