A (5:35)

So with AI today, this impersonation and it's really, really compelling and I'd be interested in Are you seeing more upticks in hey, it's the CEO or are you guys getting audio messages or are there other AI driven risks that you're seeing becoming more prevalent today?

C (6:00)

That's interesting. No, we haven't seen that firsthand but that is something that I am concerned about. I know that we often get people get the text messages that they say they're from our CEO and he needs them to quickly go to go on out and buy these Apple gift cards because that's how we, that's what you need to do as a CEO, you know, and we warn people about those. But I am concerned that we will see more of an AI driven type of thing where they'll, you know, maybe get like a video call or things like that. I know that's more prevalent for us when it comes to like the, our banking side. And so there's more controls in place that we rely on the banks for. But for our organization that AI impersonation hasn't become a full level attack yet. But I'm sure that a lot of these phishing emails that we get because they're getting better and better and better are probably generated by AI tools to make them look like, you know, an AMEX GBTA invoice or whatever it might be.

D (7:02)

I'm going to add a little bit there across partners and customers, we actually are seeing an uptick in the AI enabled adversary and there's a couple different ways. Right. So like on the, on the sophisticated route through a partners of name tag, right. We've seen adversaries using AI to essentially generate images of government documents to pass ID verification, maybe more in the mid range. We've seen a lot of voice cloning for vishing and essentially the forward of voice notes for escalation of credibility. That sort of thing. In fact, we even did this ourselves. So for our holiday party, we couldn't have all of our executives together just because of travel and logistics and whatnot. And I had been meaning to do some of my. So one of my own projects is I want to build a Claude Plug in Red kit for our security team to make sure that we're always kind of using, testing and generating the most advanced AI tools. And I had been meaning to take a look into the voice cloning stuff. And over the course of a day I basically got Claude to write a Christmas rhyme in the style of the Night Before Christmas that incorporated kind of the accomplishments of the company over the last 12 months, relegate a section to each of our executives. And then I built a voice cloning pipeline where I basically pulled and processed audio clips for all of the execs. Some of them I pulled off of Zoom, some of them I pulled off YouTube and then built a mechanism that basically took the script and used the clone for each person, for each try and then kind of fused it together into a simultaneous audio file. And then we ended up playing that later on that night. The couple things that were eye opening on this, right, I wouldn't necessarily call it Red Team esque as opposed to this was just like a little bit of research. Number one, it was less than a day's worth of work. Number two, what I didn't quite appreciate from an adversarial perspective is when you're, when you're doing at least voice cloning, there's two approaches. There's what's called zero shot or multi shot voice cloning where you take an off the shelf voice model. And by the way, there's a ton of them available in open source. And these aren't massive models, these are small models that run on your laptop and you give it essentially 10 seconds of audio of the target or the victim and then you give it the text and it will generate an audio file, high quality in the cadence of your person. And I would say this matched my execs. Seven out of eight of them were impreciated. Like no one would have questioned it. One of them was weird. But I think that was an artifact in the text because some of the text was all caps. So he started screaming.

C (10:04)

But.

D (10:06)

This was all accomplished in a day. Most of the tooling that I built out was really an audio pre processing, like getting the highest quality 10 second clip to then feed into the cloner. I did all of this with basically zero knowledge before the day in the area. And if I wanted to, I could have done something called fine tuned the model. Right. And when you fine tune the model, basically you're letting the weights move and you're essentially training on the victim's voice. This probably would have taken me an extra two days to do, but I'm speculating, I don't actually know. I'm willing to bet I would have closed the gap on that last person and made them realistic as well. So the point in all of this is these tools are life changing in how we do work. And let's not forget that the bad guys have jobs too. And it's going to change how they come after us. They're going to be able to impersonate us, not just in how they write things, but in what documents look like in imagery and in voice. And we are seeing an uptick in this. I think it's more in targeted attacks right now than kind of the dandelion style attacks where you mass mail 50,000 people and see who phones home. But yeah, make no mistake, the world is changing very quickly in this regard.

B (11:27)

Yeah, so this whole voice cloning thing is, I mean, it's scary. Like I've, I've received some of these attacks myself from, from folks impersonating people I know. And it's really hard to tell just, you know, when you're on the other end of a cell phone. So what, what kinds of things do people need to do to protect themselves? Like what, what are the strategies now that these attacks are getting so good?

D (11:54)

So let's think about this, right? There's two things. So the most obvious thing that I think everyone kind of jumps to to start with is how do I know that this is fake? Right? How do I know if this is real? And it's a reasonable question. But the next step is a bunch of people then jump to the solution and it's essentially like fake detection, fake detectors. And I think we've had about a year and a half of companies producing the equivalent of deepfake detectors. And I kind of have a problem with that for twofold. From a technology perspective, the deception detection in that regard tends to overly focus on essentially what are signal processing artifacts. And if you look at how these models work and how these models are improving and over what time, it's really easy to imagine, or it's hard not to imagine, if we want to double negate it, that the models are going to be, the output of the models are going to be imperceivable from reality. So is this really even going to work. But then ignore the technology question and just think about it as a user behavior. If all of this is there and you're sick, but you want to be on a call, why wouldn't you voice clone yourself? You got kicked. Look, we know you love your horses. We know they're really dangerous. You got kicked in the face over the weekend. And so your jaw is barely hanging on, but you still need to be on that call. And you probably don't want to let everyone say they told you so. So you're going to video clone your jaw back into place, right? Now, obviously the more realistic example is like makeup filters and blemish filters and enhanced lighting and whatnot. But like, what's the difference, right? If AI is really around the corner, you can't take the position that only bad people use AI. Everyone's going to be using AI. So the detection or the presence of AI is not a meaningful question to even ask. A meaningful question to ask is, who is this coming from? On what device is it coming from? What's the level of trust and belief that I have there? And so I would posit that whether it's with a company like ours or someone else, the solution is attestation, right? So video products, audio products, communication and productivity products need to actually start attesting to the author's identity, the device's identity they worked on, and that sort of thing. And you know, we have plugins for Zoom and Teams and Outlook that kind of do this in our product. But like, let's say we go beyond, beyond identity. I do think that's the way of the future, right? Like, if all sensor data can be faked, then ultimately we need to be able to track data provenance back to the sensor that produced it or the source that produced it. And so this concept of leveraging things like TPMs and hardware enclaves to do this attestation at a high level, like what we do with identity, I think it's here to stay. And I think it's actually going to go up the food chain. And I think it's going to go so far as the sensors that produce data or the humans and machines that produce the data are going to have to essentially watermark it right, in this, in this way that, that you can actually attribute back to hardware and, you know, just to stave off, hey, watermarking. I can always strip something off of watermarking. Yeah, that's true. But let's remember what the problem is. The problem isn't can someone strip something out the problem is can they attach it? Right. And they can't just insert the watermark if the watermark is based on a hardware root of trust.

B (15:38)

So you also mentioned like the faking of legal documents. Right. And we've seen too, there's a lot of push now for authentication via all sorts of things to get access to various things on the Internet and the privacy concerns around that. Like how do you reconcile what you're talking about to have strong authentication and attestation, but yet protect privacy elements of people in their lives?

D (16:08)

Yeah, no, it's a double edged sword. Right. Let's talk about Tor.

C (16:13)

Right.

D (16:14)

Tor is a, it can be the boogeyman of certain conversations. Right. Tor is just used for the nefarious. But all right, well, let's remind ourselves who funded the original development of Tor. It was the United States Navy and the State Department. And why did they do that? Well, like one of their thoughts was this could really help the people in Iran. This can give them a way to actually get access to real information and not just what's being piped into them from the regime in charge. Privacy and security are always two sides of the same coin, and there's always a coin flip. There are technical solutions where if you have trusted intermediaries, you don't necessarily have to reveal yourself, but you can still carry entitlements and authorizations to be able to kind of do certain things. But there are still technical means of revealing privacy in the future. So for instance, you've all heard about store and decrypt later, right? Quantum is going to break all encryption and so the bad guy is going to record everything now. And once Quantum shows up, read the secrets. Right. Privacy has a similar sort of problem set up. Right. So if you think about, like think about Bitcoin, right? Technically my Bitcoin wallet or ID or address is anonymous. Well, it is, and until it isn't. And once I can actually associate you with a transaction, I can kind of unravel your entire history. So it's. Look, I'm not going to give you an easy answer to the privacy discussion. I think it's, I think it's a tricky answer. I think it's super nuanced. And I think part of the solutions to these problems are actually not technical. I think they're societal. Right. Ultimately there must be a consequence for breaking society's rules. Like you should probably go to jail for certain things. You should probably not be able to come back for a while for certain things. Society has to actually enforce those rules. Every now and then we get into these conversations around how do I prevent my employees from doing this and how do I prevent my employees from doing that? And it's like, look, we can work on all these problems. You're well past diminishing returns. It's pretty easy for you to have a tamper evident log of everything that's happening. And if someone breaks the rules, you're eventually going to find out, you can eventually figure out all the history. And at some point you just have to realize that like your deterrence against this is this big stick called you're going to go to jail.

A (18:39)

So coming back to this idea, I'm always interested in the societal elements, particularly when, you know, we have so many people embracing social media and just sharing their lives on social media. And in that realm, I mean, you know, Jason, you're out there, you're doing podcasts, you're doing interviews. Josh, same thing, you're doing interviews, you're out there, you know, it's part of the job. And so is this making these impersonation attempts easier for the attackers? Is there something that we need to start thinking about right as brands, as businesses, right as we wanna reach out to our audiences? So what do we do? Because it seems like we're just giving them more audio input, more video input of our person so that they could facilitate an attack more efficiently.

D (19:28)

If you've put more than 10 seconds of audio of yourself on anything that's public, you are cloneable. I don't know what the stats are in video, but it's just be prepared to be astounded that it's a lot less than you think it would be. If you've ever written what are the writings. It doesn't take much of a writing sample either to kind of understand your writing style. The horse is out of the barn on this one. What you can do, what your companies can do, what brands need to do at the end of the day is the idea already exists. It's been horribly, horribly implemented and executed by the companies that have existed it. But let's talk about the blue check mark. Like there is something to the idea. Even if the implementation is false, people need to stand behind what they're producing in a way that attributes back to them. That's the only answer that I really can kind of see and understand. Not for all communication, but for managing your brand, for managing your company, for managing your image. If you're a company or a product or a public figure, you need to speak and communicate through attested channels.

A (20:47)

Yeah, I Feel like the ship has kind of sailed in a lot of ways and everybody's information's already out there, so it's just becomes a way of life. I mean, is that really where we're at? I mean it's now you have to literally question everything in your personal life, in your professional life. It's a lot of work. Jason.

D (21:10)

There'S probably a policy angle to this as well. I don't think we're currently living through the times that's willing to do that, but there's probably a policy angle of like, what's the big stick here? Right. While people need to protect themselves, there should be some expectation over time that reputational damage by a bad actor or an adversary needs to be punishable by a way that is an effective deterrent.

A (21:34)

Absolutely. Agreed. Coming back to hospitality, Josh, when we were talking earlier, there's so many different entities involved in the hospitality world and so managing security and we talk about supply chain attacks, third party attacks. I mean, how do you manage through that in the hospitality world? Particularly when if we're talking about impersonation. Right. You can have people come in, I'm the CEO and they're talking to maybe someone who's a little more junior and they take action because it's time bound and all these other things. How are you guys managing through that?

C (22:11)

Yeah, so we like as a branded partner, we work with the major brands, Hilton, Marriott, ihg, Hyatt, and so each brand gives us variable degrees of what we can do on our side versus what we do on the brand side. And so any opportunity we have where we can do everything on our side, we'll take it. Like if we can have that reception welcome desk workstations managed by us, we'll do that because we know that we have the most up to date data of who works for us and when they start and quit. If you're relying on a brand managed platform, we're relying on that general manager, once they've been employed and brought into our domain, where we've given them their beyond identity passkey and their email address and everything else. On our side we're relying on, if it's a brand managed desk, then we're relying on that general manager to submit those forms to create those employees to use the reception desk. And when it comes to the end of it, at the end of the day, if you're a busy GM and you're taking care of everything, you're usually there in charge of 100 to 120 room hotel. They've got Various departments, they've got housekeeping and they've got food and beverage, they have the sales department, they have the reception folks. And then they're still trying to make sure they're. Bill is a good process for us so we can keep them operating and all that stuff. The last thing you're probably is on your list is probably removing those old people just because it takes time. I gotta log into the system, gotta pull them up, gotta remove them, make sure that they processed. So when we're able to shift that over to our side, we can integrate things much more tightly so that when somebody's hired within an hour, we've got their account created. And then our goal is like, hey, the first step of your. When the employee starts, first thing that they do is they're going to log into Beyond Identity's portal, download that passkey, bind it to that device and rinse and repeat for any computers that they're going to work on. And then we assign the license from there and then they can continue to go. And then we know that as soon as they leave we can tear down that license, revoke that passkey, and we've moved on. Versus the other model of relying on a GM to go into a portal, create the account, make sure, you know, they've got access, they've created their password, they've added their MFA tool, whatever it is that the brand requires, because every brand has a different one, you know, and then they go and then suddenly they leave in a week, well, oh, I forgot to terminate them. They've actually they show up in my hotel for the next four months, you know, and we don't want that to be able to. A lot of the brands put like limits, you know, like every 90 days or whatever to change the password. But it's still an opportunity of a time where that stays open. So that's why we try and do that directly. But then on the flip side, there are smaller organizations where they maybe only own one hotel and maybe they run it themselves and they don't have the bandwidth to have that. So hopefully, I think there's a trend to engage with MSPs to help them with that. But a lot of them don't see that as a valuable expense because it's still, hey, we never had to pay for this before, why should we add that? And the brand going to get us. Yeah, exactly.

A (25:18)

Target us. Yeah, exactly.

C (25:21)

And then, okay, we're just going to use what the brand provides, you know, and hopefully then that they're a little bit more diligent in keeping up with that. But as we add more and more systems into hospitality and we're asking people to put passwords into all of this, that just creates another area where it can, you know, another failure point or another breach point. My biggest concern is employees that leave. I mean, hopefully we've got, you know, fairly good folks, but still, when you leave, you don't want to leave all those holes open. And with the traditional model is, hey, you sign into, you know, Kip sue for messaging, and this is username and password. And you sign into the pms and here's your username and password, and this is your Windows login username and password. And I can guarantee you that these employees, again, we're hiring, you know, great, warm, easygoing folks that are like, they love taking care of people. They probably are reusing the same password everywhere. So they've got these bad password habits. That's why I've been on a mission to. I'm so passionate about removing the password for hospitality folks because not only does it make their life so much easier, I've had so many comments of people. We recently opened a hotel in the GM called Automagical. He's like, this is amazing. On our side, all he had to do was type in his PIN code and he was logged into everything. Every time he would click like, oh, I need our purchasing platform. And then he'd see that beyond identity verification come up and he's in no passwords. He's able to do all of our systems. And then he's like, hey, can you put this on my brand account too, so I can just log in with that and sorry, that separate. Separate entity, separate controller. You're going to have to use Duo for your push and you'll have to use them Microsoft Authenticator and you'll have to add your password. And yes, you have to change every 90 days because that's their rules. So we love the fact that, at least on our side, we're doing whatever we can to control that. And I'm hopeful that we'll get the brands to take notice and realize the fatigue that comes with a password and using an MFA device.

A (27:28)

And I hate to do this, everyone, but we're going to pause today's discussion right here and pick back up next week. Thanks for joining us this week and as always, don't forget to smash that subscription button. And we'll see you next week. Till next time, stay safe. Thanks for joining us on the to the Point Cybersecurity podcast, brought to you by forcepoint. For more information and show notes from today's episode, please visit forcepoint.com podcast and don't forget to subscribe and leave a review on Apple Podcasts or your favorite listening platform.