• Login
NORVANREPORTS.COM |  Business News, Insurance, Taxation, Oil & Gas, Maritime News, Ghana, Africa, World
  • Home
  • News
    • General
    • Political
  • Economy
  • Business
    • Agribusiness
    • Aviation
    • Banking & Finance
    • Energy
    • Insurance
    • Manufacturing
    • Markets
    • Maritime
    • Real Estate
    • Tourism
    • Transport
  • Technology
    • Telecom
    • Cyber-security
    • Cryptocurrency
    • Tech-guide
    • Social Media
  • Features
    • Interviews
    • Opinions
  • Reports
    • Banking/Finance
    • Insurance
    • Budgets
    • GDP
    • Inflation
    • Central Bank
    • Sec/Gse
  • Lifestyle
    • Sports
    • Entertainment
    • Travel
    • Environment
    • Weather
  • NRTV
    • Audio
    • Video
No Result
View All Result
No Result
View All Result
NORVANREPORTS.COM |  Business News, Insurance, Taxation, Oil & Gas, Maritime News, Ghana, Africa, World
No Result
View All Result
Home Features

Cybercrime: Lessons Learned From a $25 Million Deepfake Attack

6 months ago
in Features, highlights, Home, home-news, latest News
3 min read
0 0
0
124
VIEWS
Share on FacebookShare on TwitterShare on Linkedin

RelatedPosts

Parliament Adjourns Sine Die After Intense Legislative Session Marked by Reform Calls and Tributes

GACL Terminates Evatex Revenue Assurance Contract Amid OSP Probe

Cyber Security Authority Flags Rising Mobile Data Scam, Cautions Public

Cybercrime: Lessons Learned From a $25 Million Deepfake Attack

Early in 2024, an employee of UK engineering firm Arup made a seemingly routine transfer of millions of company dollars, following a video call with senior management.

Except, it turned out, the employee hadn’t been talking to Arup managers at all, but to deepfakes created by artificial intelligence. The employee had been tricked into sending $25 million to criminals.

This wasn’t a traditional cyberattack, the kind that compromises a company’s digital systems. This attack used psychology and sophisticated deepfake technology to gain the employee’s confidence.

It’s an example of how cybercrime is evolving. At the time, Arup’s Chief Information Officer, Rob Greig, said the company had seen the number of cyberattacks rise sharply, along with their sophistication.

This trend is underscored in a World Economic Forum report titled Unpacking Cyber Resilience, which aims to help companies become more cyber resilient.

Here, Greig – who was previously director of the UK’s Parliamentary Digital Service – talks about what the company learned from its deepfake attack, and what organizations can do to protect themselves.

Figure showing the impact of cyber incidents on primary goals and objectives

Cyber resilience is a critical priority for all organizations.Image: World Economic Forum

What was your first reaction when Arup was hit by the deepfake attack?

The first thing to say is we are attacked every day. I used to do a presentation that described it like this: if cyberattacks were bullets, we would all be crawling around on the floor because they would be coming through the window, thousands of rounds a second.

Organizations like mine – we are on the receiving end of attacks every week. And some are more successful than others. It’s really important we’re more open and transparent about this.

The more we talk about what is actually happening in our organizations and the impact it’s really having on businesses and society and individuals, the more we can do to raise awareness and combat these threats.

What happened at Arup – I would call it technology-enhanced social engineering. It wasn’t even a cyberattack in the purest sense. None of our systems were compromised and there was no data affected.

People were deceived into believing they were carrying out genuine transactions that resulted in money leaving the organization.

My understanding is that this happens more frequently than a lot of people realize.

Audio and visual cues are very important to us as humans and these technologies are playing on that. I think we really do have to start questioning what we see.

Do you think the distinction you made with the terminology is important – in order to help people understand what happened?

I think sometimes technology and cyber buzzwords can make it difficult for the average person to penetrate. They might ask, is this even something that affects me or my business?

The reality is that this crime has been taking place since history was written down. People have always tried to deceive others for some kind of gain.

What’s different today is people are using technology to do that.

Deepfake sounds very glamorous but what does it actually mean? It means someone successfully pretended to be somebody else. And they used technology to enable them to do that.

So what has changed with technology to enable this?

Technology is becoming much more effective, convincing and accessible. It’s freely available to someone with very little technical skill to copy a voice, image or even a video.

After the incident, I was curious so I attempted to make a deepfake video of myself in real time. It took me, with some open source software, about 45 minutes.

It wasn’t particularly convincing – but it was surprising what can be achieved in such a short period of time.

What are some of the immediate actions an organization can take if faced with this kind of attack?

Firstly, it’s about having visibility of what’s happening from a technology and cyber and data perspective.

Who has access to what and when? What data is moving around your organization? Who is trusted and what is not trusted? And what sort of erroneous activity is happening within the organization?

Being able to detect that allows you to respond. For us, the first thing to do was quickly assess the extent of the attack and identify if the entire organization was affected. Were our clients at risk? Were our people or their data at risk?

With that visibility, we were able to very quickly identify that we were not compromised and this was being caused by something else.

Second, it’s important to have rehearsed a response, not to a particular incident, but to a general set of incidents that might occur so everyone knows what their role is.

What are some other cyber threats that organizations are facing today?

We hear a lot about things like AI and quantum computing, and terms like quantum encryption and how this will change the technology landscape for ever. And it’s a huge threat to us.

But the reality is, today, the same issues that we’ve been facing for the past decade and even longer continue to be a serious risk to individuals and to businesses.

A simple example is things like USB devices, which are still used as a vector to attack organizations and individuals.

And the classic phishing email remains one of the top ways that people try to compromise individuals or organizations – and even governments.

Tags: $25 Million Deepfake AttackcybercrimeCybercrime: Lessons Learned From a $25 Million Deepfake Attack

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

No Result
View All Result

Highlights

Gov’t Reopens Talks With PayPal to Restore Full Service Access in Ghana

Financial Sector Assets up 34.6% in 2024 to GHS 525.59 Billion

Banking Sector Soundness Remains Robust in 2024 Amid Strong Profitability, Adequate Capital Buffers

Sha’Carri Richardson Withdraws from US Trials Following Arrest

From Singuluma to El Kaabi: Can CHAN 2024 Unleash the Next Hat-trick Hero?

Ghana to Welcome King’s Baton Relay on August 8 Ahead of 2026 Commonwealth Games

Trending

Features

Parliament Adjourns Sine Die After Intense Legislative Session Marked by Reform Calls and Tributes

August 2, 2025

Parliament Adjourns Sine Die After Intense Legislative Session Marked by Reform Calls and Tributes Parliament has adjourned...

GACL Terminates Evatex Revenue Assurance Contract Amid OSP Probe

August 2, 2025

Cyber Security Authority Flags Rising Mobile Data Scam, Cautions Public

August 2, 2025

Gov’t Reopens Talks With PayPal to Restore Full Service Access in Ghana

August 2, 2025
Bank of Ghana

Financial Sector Assets up 34.6% in 2024 to GHS 525.59 Billion

August 2, 2025

Who we are?

NORVANREPORTS.COM |  Business News, Insurance, Taxation, Oil & Gas, Maritime News, Ghana, Africa, World

NorvanReports is a unique data, business, and financial portal aimed at providing accurate, impartial reporting of business news on Ghana, Africa, and around the world from a truly independent reporting and analysis point of view.

© 2020 Norvanreports – credible news platform.
L: Hse #4 3rd Okle Link, Baatsonaa – Accra-Ghana T:+233-(0)26 451 1013 E: news@norvanreports.com info@norvanreports.com
All rights reserved we display professionalism at all stages of publications

No Result
View All Result
  • Home
  • Business
    • Agribusiness
    • Aviation
    • Energy
    • Insurance
    • Manufacturing
    • Real Estate
    • Maritime
    • Tourism
    • Transport
    • Banking & Finance
    • Trade
    • Markets
  • Economy
  • Reports
  • Technology
    • Cryptocurrency
    • Cyber-security
    • Social Media
    • Tech-guide
    • Telecom
  • Features
    • Interviews
    • Opinions
  • Lifestyle
    • Entertainment
    • Sports
    • Travel
    • Environment
    • Weather
  • NRTV
    • Audio
    • Video

Welcome Back!

Login to your account below

Forgotten Password?

Create New Account!

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
NORVANREPORTS.COM | Business News, Insurance, Taxation, Oil & Gas, Maritime News, Ghana, Africa, World
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.