When COVID-19 struck and community activities were restricted, health consultations shifted from in-person to virtual interactions. This was quickly adopted by the healthcare world by providing telemedicine services that include health consultations, diagnosis, and even prescriptions. According to a survey by Alodokter, the number of telehealth users in 2021 has increased by 30% compared to 2020.
The expansion of telemedicine has made medical information increasingly accessible on the internet. Patients and healthcare professionals are becoming more comfortable interacting virtually, whether through photos, videos, or just audio. Not only that, but people are also growing more confident in conducting their own research and diagnoses independently. However, as telemedicine advances, deepfake technology lurks. This technology can manipulate audio, video, and other digital content to appear very realistic.
Imagine if you were a victim of a misdiagnosis because a video of a famous doctor spreading false medical information surfaced. Or imagine if your medical check-up information was accessed by unknown individuals and used to access other personal data such as insurance. These are all cybercrimes that utilize deepfake.
The Chief Healthcare Executive reported that there were 220 cyberattacks on hospitals and healthcare systems in mid-2023. Cybersecurity experts emphasize that among these attacks, those using AI should be particularly guarded against.
Deepfake Attacks in the Healthcare Industry
1. Fake News and Information
Deepfake can be used to spread false information about drugs, vaccines, or medical treatments purportedly delivered by doctors. This information can cause public panic and diagnostic errors.
2. Manipulation of Medical Records
Deepfakes can manipulate medical records or create fake medical records on behalf of someone. Fraudsters access patients' personal information using fake biometric verifications with deepfake and then steal the medical records. Falsifying medical records can lead to incorrect diagnoses and improper use of medication.
3. Identity Theft
Similar to the manipulation of medical records, deepfake can be used to gather patients' personal data through unauthorized access to hospital applications. This personal data is then misused to claim insurance, hack bank accounts, or commit other forms of fraud.
4. Voice Impersonation
Deepfake in the form of voice cloning can be used to mimic someone's voice. Voice cloning is highly dangerous if fraudsters successfully mimic a doctor's voice providing medical information or diagnoses to patients.
Also read: Deepfake Can Deceive Health Insurance Claims
Understanding Deepfake Attacks
Deepfake attacks on general healthcare service applications generally occur during the verification process of an application. Verification is the initial stage in user registration (onboarding) when the application requests personal data. Deepfake attacks are divided into two types: presentation attack and injection attack.
- Presentation Attack
Presentation Attack is an attempt to defraud biometric authentication systems by presenting fake biometrics. These biometrics can be in the form of photos, masks, or other disguises to deceive the biometric system. The goal is illegal access to the security system. Deepfake technology can create images or videos that are very realistic and taken from real people.
- Injection Attack
This attack is more sophisticated than Presentation Attack. This attack involves injecting malicious code or commands into the biometric system to gain unauthorized access and manipulate the system. For example, fraudsters inject deepfake audio into voice recognition systems used in verification. Like Presentation Attack, the goal of this attack is to gain illegal access to the security system.
Also read: What's Deepfake?
Protect Your Business with Deepfake Shield
VIDA Deepfake Shield is the latest security feature from VIDA that protects biometric verification systems. This feature can prevent identity forgery, including the use of fake photos, videos, and masks to ensure that verification is done by the right person.
This technology is part of the VIDA Identity Platform. Designed to protect and prevent identity forgery attacks in various ways, including using photos, videos, and masks. VIDA Deepfake Shield is different from other systems because it has several security layers, including API and SDK components, to defend against various deepfake threats, including Presentation and Injection attacks.
Read more about deepfake and VIDA Deepfake Shield here.
.png)
