Извините, этот текст доступен только на “Английский” и “Украинский”.
The landscape of technology is ever-evolving, and each advancement poses new opportunities and threats. One such challenge that has recently come into focus is the growing phenomenon of Artificial Intelligence (AI) children impersonating real kids.
According to a study by Visa Stay Secure, 7 out of 10 Ukrainians are concerned that their relatives may become victims of scammers.
How common is high-tech cyber fraud in Ukraine, whether it is possible to slow down the development of new technologies adopted by hackers, why do people fall for dull fraud schemes and what are the top tips for Cyber Hygiene to keep yourself safe online — interview with Vitaliy Yakushev on NV radio.
Ilya Kabachynskyi: According to your data, how common is «technological» fraud in Ukraine? Deepfakes, popular AI voice cloning scams? How, in your opinion, will things go over the 5-10 years?
Vitaliy Yakushev: There are no accurate statistics yet. There is information that scammers stole about UAH 200 million from businesses and people last year. These are the victims who made the case, but many just don’t outspeak.
Deepfakes, AI, and other high-tech tools are used in a specific way for special frauds. As to the mass fraud schemes, old effective methods are used and will be used, unfortunately, just because they work. We are trying to reduce their impact, but so far they are well-known, easy, and cheap to implement.
I.K.: My own observation is that we shift responsibility to companies, banking institutions, and payment systems. Let’s say they are big, rich and cyber-savvy — they should take care of our cybersecurity to keep us out of being deceived, secure data from being stolen from our phones, and spot fake or fraudulent payments.
Name a few rules to protect yourself. Let them be basic things that we often ignore.
V.Y.: Any cyber defense consists of several fundamental mandatory components: technologies, processes, and people. If any component is missing, we can assume there is no cyber defense. As you mentioned, we are shifting part of our defense to the companies, that cover some of those components — technology and processes. But first and foremost, the human factor remains important, and secondly, people should also consider technologies.
A unique, complex password is a must-have. You need to update your gadgets regularly.
However, the human factor still remains a constant decisive factor for centuries. The term for «social engineering» is more than 130 years old, it emerged not in the computer age. People have been scammed for a long time. The approaches are the same: building trust, intimidation, and exploiting human weaknesses. Therefore, it is necessary to be aware of «red flags» and identify fraudsters who try to deceive you by intimidating you, luring you to fake websites, and making you transfer money somewhere.
I don’t know what will happen tomorrow, maybe there will be a messenger in virtual reality, for example, in VR masks from Apple. There will be anyway attacks through messages, the approach will be the same. First building trust and then trying to steal something from you — information or money.
As to intimidation. «You’ve been hacked, click the link, and change your password.» If you receive such a message, you should consider it very carefully. Or a message about some financial transaction — «transfer money», «you received money». Also, double-check.
Sometimes they try to play with your weak points, for example, greed: «iPhone 15 Pro Max for UAH 1000, just now, only here.» You should figure out why someone suddenly wants to give you something. «You won a car» — however you’ve never played the lottery.
You have to learn to see these «red flags». Then all other tricks by hackers, such as artificial intelligence, will be hard but possible to handle, and you will also be able to recognize fraud in the egg.
I.K.: Extremely interesting, I wouldn’t even have thought about it!
According to the Stay Secure study by Visa, 48% of the younger generation will fall for an offer of a valuable gift or a promising financial opportunity. We often think ill of older people, but in fact, young people «swallow» such stories so much. Therefore, simple awareness and information about financial security greatly helps.
Vitaly, you drew parallels getting back to 130 years ago, but let’s give it another go. Social engineering has been around for so long with new technologies emerging. For example, I read that artificial intelligence is better at weather forecasting than all other scientists in the world altogether. However, these technologies are unable to protect against hackers. In fact, this is a kind of non-stop race between the powers of good and evil, that never can be stopped by anything.
V.Y.: Yes, an eternal race. It has been and it is going to be because we cannot solve the problem at the level where it emerged. That is, if artificial intelligence is used for attack, it can be used for defense, but it will be a tool of the same level. It is necessary to create something that will be one step ahead.
Artificial intelligence has long been helping to protect against fraud. Algorithms help detect deepfakes. But as for today and shortly, this race between shells and armor goes on. Unfortunately, the attack is half a step ahead.
I.K.: You told about artificial intelligence that can generate a photo and even a video. I remember a story about a Ukrainian company, which, however, no longer exists. The idea was that the guys created an online persona, named it, took some image or generated it, took a fake phone number, and bought the leaked account of some Philippine bank. As a result, an online persona appeared that never existed in reality. They could make tens of thousands of them, and use them for advertising so that bots could not track them.
That is, it is a huge problem. Apart from being aware, what can we do to fight illegal and unethical use of technology?
V.Y.: If we in an official way adjust technologies and slow down their development, the underworld market won’t be on hold. In such a case we will fall even further behind the attackers. I am against putting it on hold and adjusting. Instead, we should master and develop tools that can help, i.e. «anti-deepfakes».
We can ensure that big companies that create deepfakes add special watermarks invisible to the human eye, but visible to the algorithm. Then it will be easy to detect deep fakes with the help of special programs, which will likely be free.
But if, for example, a relative calls you and there are these «red flags» in conversation, such as money or passwords, then you need to have a «plan B». The same stop words or secret words. Or, if one calls you, for example, on Skype, call him back through another application, another messenger, or just by phone. This is how you check if it’s a real person or a deepfake.
Yes, this is a new reality, we will have to get used to it. But that is why we are humans, the crown of creation. We have evolved just because we survived through various dangers that threatened us for ages.
I.K.: You work in companies dealing with cybersecurity. To what extent have cyber threats increased in the last few years? It seems that everything is digitized nowadays, even smart kettles are now available.
V.Y.: We can become a «cyber Swiss army» when everyone secures our state’s virtual borders.
Talking about threats, yes, they are growing. The rapid growth was prompted by the advent of cryptocurrencies, which was one of the impetuses of the cybercriminal world. Scammers now demand ransom in cryptocurrency, which allows them to keep hiding from the law.
Also, the effects of cyber attacks are becoming more severe both for the state and for private businesses, and even for humanity as a whole. No wonder the WEF listed widespread cyber crime and cyber insecurity among the top 10 most severe short-term and long-term risks facing humanity. It’s not just about business, computers, servers — but about humanity.
Earlier in the movie, a hacker was depicted as a kid who somewhere in the basement of his mother’s house hacks some servers of state body and it does not affect anyone except this state body. Today, a broken server can affect the work of a company that provides services to a large number of people. This leads at least to inconvenience, and at most to loss of money and even health, if we talk about medical facilities. People can die or lose health due to cyber attacks.
And it will go up because everything is being really digitalized. Nowadays, it is very difficult to find a business that does not rely on digital tools.
Source: podcasts.nv.ua
