Elevated
Fake
The more synthetic media is perceived to be legitimate and authoritative, the content is more likely to be trusted, persuasive, and acted upon.
Synthetic media can range from non-interactive, not ongoing, or not consistent (low) to interactive, ongoing, and consistent (high).
Synthetic media can range from very recognizable and familiar (high) or hardly (or not) recognizable and familiar (low).
Synthetic media can range from evoking a significant affective response (high) to barely or not at all eliciting an affective reaction.
Synthetic media can range from broadcast to a wide human audience or technical security measures (high) to a narrow, specific human audience or tailored technical security measure (low).
Computer intrusion used to launch a "No-flag" information operation campaign leveraging GenAI Deepfake content
The spread of behaviors, attitudes, beliefs and affect through social aggregates from one member to another
Adversaries seeking to outrage target audiences, resulting in collective mentality to mobilize into volatile engagements or damaging, violent protest
Deepfake technology intentionally using the likeness of famous and/or credible authorities in an effort to legitimize a scheme to defraud the target audience
Synthetic media as the initial access vector for cyber adversary use of malicious code or other tools to gain unauthorized access into a victim computer system or network
Iran IRGC information operation efforts
اطلاعات نادرست (bee itlaee), Iranian Disinformation
Iranian information operation strategies and tactics meant to shape the perceptions of target audiences
Technique that attempts to implant a false memory in the target through suggestion.
A feeling of dissatisfaction with one’s situation or circumstances. May be leveraged by an attacker by offering a path toward resolving the source disgruntlement as a means of manipulating the target.
An attacker leverages fear to gain target compliance.
Affective responses--emotions, moods and feelings--effect cognition and perception. Media that intentionally causes a high degree of emotional load can significantly image how target audience member perceives and thinks about the subject of the media.
False memory implantation is a recollection that seems real but is actually a fabricated or distorted recollection of an event by virtue of being fed untrue information about an event or experience. These memories may be entirely false and imaginary, or in some cases may contain elements of fact that have been distorted by interfering information or other memory distortions.
The Mere Exposure Effect is a cognitive bias where individuals show a preference for things they’re more familiar with. Repeated exposure to a stimulus increases liking and familiarity, even without conscious recognition.
Both humans and automation may be targeted by synthetic media attacks. This criteria references whether the target of the attack was human or automation. The highlighted icon represents the intended target of this submitted media.
Human
Technical
Hybrid
Unknown
A measure of if the attack was constructed by a human or by artificial intelligence. The highlighted icon represents the method of control of this submitted media.
Human
Automation
Hybrid
Unknown
The medium is the format of the content submitted. Highlighted items represent all of the various formats contained in the submitted content.
Text
Image
Video
Audio
Technical complexity of the atttack.
How damaging the attack was intended to be.
Psychological Pressure is the stress felt from perceived serious demands imposed on one person by another individual, group, or environment.
Chaos injection is the intentional introduction of evocative material--which is often ambiguous and unresolved--to cause confusion and disorder.
Create group, organization or societal division
Intentional strategy and tactics meant to mislead, misdirect and manipulate the perceptions of a target audience through simulation (showing the false) and/or dissimulation (hiding the real)
Instigating, eliciting or forcing the target audience to take and action that is advantageous to the deepfake threat adversary
Use of deepfake and synthetic media to promote a particular political, scientific, social or other cause
The creator and/or disseminator of the media seeks to create political discord, argumentation and divisiveness.
Intentional effort to shape the perceptions, decisions, and behaviors of target audiences to achieve specific objectives.
Significant time effort and energy were put into creating both the cyber attack and deepfake content for this campaign.
Motivation is the underlying activator, purpose or sustained reasons for why the deepfake threat actor wants to create nefarious synthetic media.
This attack was created to scare and shape the perceptions of the target audience
Targeting is the threat actor’s intentional selection of a target audience, or the group or individual whom he is interested in impacting with his deepfake campaign.
Viewers of the UAE streaming service platform HK1RBOXX
Research & Reconnaissance occurs when the threat actor is effortfully gathering information about the target audience, the optimal channels to conduct their campaign on, the relevant narratives for the attack, and type of content that will have the desired impact on the target audience.
Research efforts were focused on the computer intrusion, implantation and distribution facets of the campaign
Preparation & Planning are the steps and processes that the threat actor takes to acquire the tools and content needed to create the deepfake media for their campaign and their deliberation for the execution of the campaign.
Access to the target platform, knowledge on how to upload content to display to viewers was needed to ensure the success of this campaign. The video and imagery was generated from AI to replicate Gaza
Production is the threat actor’s use of tools and content for the creation and development of deepfake media for their attack campaign.
The deepfake content and still imagery was created with new synthetic media and was not a repurpose and augmentation of existing media
Narrative Testing. A narrative is a story, or an account of related events or experiences. A good narrative will have story coherence, such that both the story being told and its relationship to the real world are cohesive and clear. In deepfake campaigns, threat actors consider and evaluate the possible narratives—particularly in relation to events and context—to support the campaign in an effort to maximize the believability and efficacy of the attack.
The narrative conveyed through the deep, fake content, placed blame on Israel for the conflict in Gaza, and made Gaza perceive through a victim-based lens
Deployment is the threat actor’s intentional transmission of deepfake content to the target audience through selected online channels.
Computer intrusion and broadcast through HK1RBOXX streaming platform
Amplification is the threat actor’s intentional efforts to maximize the visibility, virality and target audience exposure to their deepfake content.
This attack was very jarring, and immediately was amplified by affected users via social media. Further, the campaign was picked up through main stream, information, security, and traditional media outlets.
Post-Campaign is the period after the target audience has received and been exposed to the deepfake content.
Multiple instances and channels through the HK1RBOXX streaming service
Computer intrusions that are leveraged to broadcast deceptive or influence operation content are evocative and often disturbing. Emotion, driven decision making is often heuristic based and "fast" thinking. Psyber labs recommends that when faced with illicitly, promulgated, media campaigns, view the content with great circumspection, and through Sloan and evidence-based thinking.