Deepfake audio and videos are advancing so quickly that investors now believe security tools designed to detect them will soon be a must-have for all companies.

Why it matters: Generative AI has significantly lowered the barrier to entry for attackers who want to create fake audio and video to trick companies.

• Major companies — and even the U.S. presidential election — are prime targets for attackers using these tools.

Driving the news: Norwest Venture Partners published a market map today of deepfake and brand security vendors that attempts to organize the growing number of companies operating in this space.

• The market map, first shared with Axios, divides the ecosystem into six buckets: image and video detection, audio detection, content watermarking, identity verification, brand protection, and narrative attack protection.

The intrigue: Investors see deepfake detection becoming just as necessary as email and application security tools, and startups are primed to lead in this space.

• Model makers like OpenAI and Anthropic are mostly focused on building new consumer and enterprise products for their large language models.
• And traditional cybersecurity vendors would have to build an entirely new tool with biometric data to detect deepfakes, Dave Zilberman, a general partner at Norwest, told Axios.

Catch up quick: Deepfakes used to be obvious and clunky, with audio glitches and poorly edited video.

• But new generative AI tools have made it much easier and faster for malicious actors to improve these fakes — and these tools are improving at a rapid clip.
• In a study published yesterday, researchers at Utah Valley University found that 56% of their 244 survey participants believed a deepfake video was real. Half of them also believed a deepfake audio clip was legitimate.

The big picture: Norwest identified a variety of earlier-stage companies that are leading in this space.

• Reality Defender, GetReal Labs and Deed Media are some of the top players in image and video detection, while Pindrop and Resemble AI are among those leading in audio detection.
• Polyguard, Deduce, Nametag and Kibu are new players to watch in the identity verification sector.
• DeepTrust has become a leader in watermarking audio content. EchoMark, Truepic and Steg.AI are leaders in video or document watermarking.

Between the lines: Investors are starting to pour money into this space.

• Reality Defender raised a $33 million Series A round last week. Clarity, a video deepfake detector, raised a $16 million seed round in February.
• Meanwhile, Pindrop secured a $100 million loan from Hercules Capital in July.

Zoom in: Vijay Balasubramaniyan, co-founder and CEO of Pindrop, told Axios that his company has signed 16 customers since releasing its deepfake audio detection tool in February.

• "In six months, we've sold more deepfake detection than our first product, which put us on the map, in [its] first five years," Balasubramaniyan said.
• Pindrop's customers include financial institutions, media companies and communications firms.
• Pindrop went from seeing one deepfake per month across its entire customer base last year to seeing one deepfake per day per customer this year, Balasubramaniyan said.

Threat level: For years, customers bought deepfake detection technology as a kind of insurance policy in case, one day, they saw such a threat.

• Buying security tools with an insurance mindset doesn't last in a tight economy, Zilberman said.
• However, the threat is now real and visceral, Balasubramaniyan noted.
• "We are really seeing a massive explosion of attackers using generative AI and deepfakes to complete their attacks," Balasubramaniyan said. "It is actually a real threat."

Salt Typhoon, the recently uncovered Chinese hacking group, used its access in U.S. telecommunications networks to target former President Donald Trump, his running mate JD Vance and associates of Vice President Kamala Harris, according to recent reports.

The big picture: Beijing has become more brazen in its attacks on the U.S. government and the country's infrastructure.

• Intertwined trade and economic relationships make it tough for the U.S. to hand down sanctions or respond to these hacks in a meaningful way.

Driving the news: The Washington Post reported Sunday that state-affiliated hackers were able to collect audio from phone calls of U.S. political figures, including a Trump campaign adviser.

• Hackers also collected unencrypted communications, including text messages, per the report.
• The targeting was part of a broader intelligence-gathering effort. Harris campaign associates, Senate Majority Leader Chuck Schumer and other prominent figures were also targeted, according to reports.
• The FBI and the Cybersecurity and Infrastructure Security Agency said Friday that they were investigating the matter.
• A government advisory board is now planning to investigate the hacks, and the White House has been hosting confidential meetings with compromised telecommunications firms, including Verizon, AT&T and Lumen Technologies.

Threat level: News of even an attempted hack on a presidential candidate's device can further sow distrust in election infrastructure.

• Foreign adversaries have been working hard to foster fear and incite violence around next week's elections.

The other side: Beijing is denying its involvement in the hacks.

Our thought bubble: Election meddling has entered a new era where adversaries unafraid of diplomatic consequences are willing to do anything to cause destruction.

• Disinformation and email hacks are now considered low-hanging fruit.

What we're watching: The fallout from the new attack won't end on Election Day.

• Expect a wave of public agency statements, investigatory reports and new commitments from telecommunications providers in the coming months.

Stairwell — a cybersecurity company that scans customers' files and other data for signs of an intrusion —is now providing free services to federal political campaigns, the company first shared with Axios.

Why it matters: Hackers are doing whatever they can to cause chaos in the U.S. election cycle and steal confidential information from political campaigns this year.

• But most campaigns don't have either the funds or the time to find the best security products to detect hackers in their systems.

Driving the news: Stairwell announced today it's working with Defending Digital Campaigns (DDC) to get its tech in the hands of staffers and volunteers.

• DDC is a nonprofit that works with tech vendors to provide federal campaigns with free or low-cost access to cybersecurity products.

The intrigue: Stairwell CEO Mike Wiacek said that his company has already signed an agreement with DDC and that, so far, each campaign Stairwell has spoken with has signed up for the service.

• DDC and Stairwell did not disclose how many campaigns or which ones signed up, per DDC's policy and to protect campaigns from malicious actors.

Threat level: Federal campaigns are facing an unprecedented number of attacks, Wiacek said.

• "There's almost no price that a hostile foreign intelligence service would not pay to get into these [campaign] systems," Wiacek said.

Between the lines: Many cybersecurity tools scan endpoints for signs of malicious intruders trying to get in.

• Stairwell stores a copy of a company's data in the cloud and routinely scans for signs of tampering in case a hacker can bypass endpoint security tools, Wiacek said.
• That includes when a campaign staffer accidentally downloads a malicious file or when a hacker corrupts a key data file.

What's next: Stairwell will provide campaigns with its free services as long as they're operating.

@ D.C.

🗳️ Financially motivated hackers are more likely than state-backed hackers to target U.S. election infrastructure, according to an obtained government report. (Wired)

⁉️ The State Department's Global Engagement Center, which helps to counter foreign disinformation, faces an uncertain future as its congressional authorization is set to expire in December. (Politico)

@ Industry

💰 Israeli cyber firm Armis Security raised a $200 million Series D funding round led by General Catalyst and Alkeon Capital Management. (Reuters)

⭐️ CyberScoop has named the 50 recipients of its 2024 annual awards. (CyberScoop)

@ Hackers and hacks

⚠️ The Fog and Akira ransomware gangs are increasingly breaching corporate networks via SonicWall VPN accounts. (BleepingComputer)

☎️ Wiz CEO Assaf Rappaport said at TechCrunch Disrupt that threat actors have created a deepfake of his voice and used it to call employees as recently as two weeks ago. (TechCrunch)

Sorry, but I'm still not over Timothée Chalamet showing up to a Timothée Chalamet lookalike contest in NYC this weekend looking the least like himself.