Cybersecurity in the age of AI, deepfakes, and hybrid threats

What attacks us today – and how we can defend ourselves sustainably: Donald Ortmann took us on a journey through the reality of modern attacks on organizations and ecosystems. His central theme: attacks are rarely “just technical.” They often start where trust is established – in communication, context, and perceived authenticity. This is precisely why “medieval” principles such as clear rules, discipline, and robust processes remain indispensable even in highly digital environments.

• What was it about specifically?
• How modern attacks interact today: social engineering, AI-supported methods, and technical exploits.
• Why authenticity is the basis of trust – and why social engineering specifically abuses this trust.
• What typical vulnerabilities attackers can exploit, e.g., in remote identification processes.

Deepfakes are no longer a thing of the future. Philipp Dewald showed how rapidly the technology has developed, where it is already very convincing today—and why this is particularly relevant for financial companies. The focus was on technical detection approaches as well as the question of where their limits lie and what consequences this has for real-world processes.

Practical highlights from the talk:

• Specific areas of vulnerability in finance: from remote KYC/video identification to identity fraud in video conferences and voice cloning in telephone banking
• How deepfake detection works in practice: automated analysis (AI & forensics), checks for watermarks (e.g., C2PA, SynthID), and metadata analysis
• Practical verification in everyday life: communication via trusted channels, conscious cross-checking, “shared knowledge” as a plausibility check

Dr. Boris Hemkemeier showed why classic scam patterns (keyword: “Nigerian prince”) are becoming less common today—and what is dominating instead: cybercrime as a professionally organized, scalable industry. Fraud is increasingly based on division of labor, with “back office” structures such as scam factories, and relies heavily on platform models, e.g., in the area of cyber trading.

One striking detail: even “victim support” is sometimes systematically organized – for example, via WhatsApp groups where narratives and trust are built up.

The second part (“Political Hackers”) dealt with disinformation and hybrid activities in Europe – and the connection to AI: among other things, via information gaps (“data voids”) and the possibility of influencing models with comparatively few “poisoned documents.”