NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats

Yesterday, CISA, the FBI, and the National Security Agency (NSA) published a Cybersecurity Information Sheet (CSI), Contextualizing Deepfake Threats to Organizations, to provide organizations with an overview of synthetic media threats, techniques, and trends.

According to the CSI, threats from synthetic media, such as deepfakes, have exponentially increased and present a growing challenge for users of modern technology and communications including the federal government and critical infrastructure owners and operators. Between 2021 and 2022, U.S. government agencies worked together to create a set of employable best practices to utilize in preparation and response to the growing threat. Public concern around synthetic media includes disinformation operations, which are designed to influence the public and spread false information about political, social, military, or economic issues to cause confusion, unrest, and uncertainty.

Critical infrastructure organizations, including water and wastewater systems, can experience operational impacts from mis/disinformation threats, such as deepfake threats. WaterISAC has been tracking mis/disinformation incidents affecting the water sector since 2020. It frequently receives reports from utilities about mis/disinformation incidents affecting them, which are tracked in its Quarterly Water Sector Incident Summary reports. Most incidents reported to WaterISAC are fairly benign, but others have catalyzed potential operational and security impacts to reporting utilities. (For more information on mis/disinformation see WaterISAC’s recent Threat Analysis for the Water and Wastewater Sector). 

The authoring agencies encourage organizations to review the CSI for recommended steps and best practices to prepare, identify, defend against, and respond to deepfake threats. Read the full fact sheet here