Voice recognition for accounts in multiple banks is hackable
A new variant of cyberattack has left hundreds of ethical hacking experts speechless. According to a report by an international media, a hacker group has used artificial intelligence-powered software to clone the voice of the executive director of an energy company to transfer more than €240k.
“The CEO of the company received a
seemingly usual call; at the other end of the phone line, hackers mimicked the executive
director’s voice, asking the CEO to make a payment to a provider in
Europe,” the report reads. Although the CEO was not mentioned the name of
the alleged supplier company, based in Hungary, the call was convincing enough
to mislead the CEO and get the transaction to take place. “The CEO says he
noticed his boss’s delicate German accent during the call, so he didn’t
hesitate to perform the requested operation,” the specialists say.
The attack was good enough to replicate the
voice of the company’s executive, a man of German origin. According to ethical
hacking specialists, it had previously considered using artificial
intelligence in the deployment of cyberattacks, so this could only be
the beginning of a wave of malicious operations using this kind of software.
“This could be a massive challenge for
thousands of companies around the world, as cyberattack methods are advancing
rapidly and, in many cases, companies have very limited security tools or, at
worst, do not have any cybersecurity measures at all,” the experts
say.
Philipp Amann, director of Europol’s European
Cybercrime Centre, mentions that the authorities do not have sufficient reports
to determine whether this is the first cybercrime perpetrated by artificial
intelligence. In addition, the researcher emphasizes on the little optimistic
scenario that might arise in the future: “If hackers succeed, the
frequency with which these crimes are presented will increase,” says
Amann.
On the other hand, ethical hacking specialists from the International Institute of Cyber Security (IICS) agree that such attacks will be seen more often in the future, consolidating as the evolution of phishing attacks, bringing the actors of threats activities of broad destructive power in a company or government agency.
Gloss