Episode 159: Deep Fakes and Election (in)Security with ZeroFOX

In this week’s episode of the podcast (#159) we delve into the myriad challenges to election security with Sam Small, the Chief Security Officer at the firm ZeroFOX. While public attention may be focused on voting machinery, an even bigger risk comes from social manipulation of the voting public using platforms like Facebook and Twitter, as well as so-called ‘deep fake’ videos and audio to sow confusion, Small tells me.

The Voting Village at the recent DEFCON Conference in Las Vegas put the spotlight on both software and physical security holes in electronic voting equipment used all over the United States. But that’s old news – to say the least. And, as we’ve argued before: they may even be a distraction.

Voting Machine insecurity is a Distraction

The question we should be asking is this: are the parties who want to influence the outcome of, say, the 2020 presidential race in the United States even interested in tampering with voting machines? After all: there are many other ways to effect the outcome of an election and many more ready tools with which to do so than wonky, 20 year old electronic voting systems. 

Take social media. (Please!) Facebook’s former CISO, Alex Stamos warned this week in an interview that Facebook’s popular Instagram photo sharing service might be weaponized during the 2020 presidential race.

Stamos, who left Facebook in 2018 and now serves as the director of the Internet Observatory at Stanford University, said that Instagram’s picture-first platform would pose little challenge to the Russian Internet Research Agency which, Stamos notes, employs teams of people to craft sophisticated visual “memes” that can be shared on platforms like Instagram. 

Consider the Deep Fake…

Or what about deep fake videos? With machine learning technology now able to morph video and audio to suit the needs of anyone with a laptop and some time on their hands, there is really no limit to how a campaign narrative might become distorted or driven off course. 

How worried should we be? In this episode of the podcast we sat down to talk with someone who should know: Sam Small, the Chief Security Officer of the firm ZeroFOX.

Sam Small is the Chief Security Officer at the firm ZeroFOX.

In this interview, Sam and I talk about the myriad threats to the integrity of our elections and whether our public institutions as well as private platforms like Facebook and Twitter are up to the challenge of securing the integrity of democratic elections. 

Sam notes that, while major platforms are doing a better job of monitoring and taking steps to defuse disinformation campaigns, the scale of their networks and suspicious activity is simply too large to squelch out completely.

More worrisome is the exposure that local governments and campaigns to attacks that may seek to sow disinformation or manipulated videos and audio that can sway the course of an election.

I started off by asking Sam to explain what deep fakes are and how they might be used to distort public perceptions about a person or event. 

As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and check us out on SoundCloudStitcherRadio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted.