The OWASP Top 10 for LLM team is excited to announce the release of the Guide for Preparing and Responding to Deepfake Events. This comprehensive resource provides organizations with practical strategies to mitigate the growing risk posed by deepfake technology.
Rather than relying on still-maturing deepfake detection solutions and techniques, our guidance emphasizes strong security fundamentals that will remain relevant even as malicious deepfakes become more sophisticated. The core pillars are robust authentication procedures, layered controls for sensitive actions, and a culture of verification that empowers employees to challenge the types of requests likely to occur during a deepfake event.
The guide covers four primary deepfake scenarios:
- Financial fraud through executive impersonation
- Social engineering to gain unauthorized access
- Mis/disinformation to damage reputation or manipulate markets
- Candidate Impersonation / Job Interview
For each scenario, we provide recommendations spanning the incident response lifecycle, from preparation through post-incident activity. Key topics include:
- Crafting an adaptable deepfake-specific incident response plan
- Inventorying and hardening high-risk processes like financial approvals
- Best practices for helpdesk authentication and reporting
- Monitoring brand sentiment and establishing takedown procedures
- Investigating potential deepfake incidents through OSINT techniques
- Conducting awareness training focused on process adherence vs spotting fakes
A central theme is that while cutting-edge deepfake detection solutions have a role, they are not a silver bullet. Detection accuracy in real-world conditions is unproven, and novel generation techniques can swiftly overcome static detection methods. Organizations must be able to respond effectively even if a deepfake is initially undetected or highly convincing.
By grounding our guidance in enduring security principles, we aim to equip organizations for both the current and future deepfake threat landscape. Building strong verification habits and incident response muscles now will pay dividends as malicious deepfakes grow in volume and verisimilitude.
The guide also spotlights the importance of regular pressure-testing through deepfake-focused tabletop exercises and simulated phishing. Keeping your finger on the pulse of both the evolving threat and your organization’s adaptability is crucial.