Threat actors are using large language models (LLMs) to improve their cyberattacks, Microsoft and OpenAI revealed recently.
In a new blog post, Microsoft and OpenAI say it discovered attempts by Russian, North Korean, Iranian, and Chinese-backed threat actors to use LLMs like ChatGPT to research its targets and use its basic scripting tasks to “optimize” technical operations.
“Over the last year, the speed, scale, and sophistication of attacks has increased alongside the rapid development and adoption of AI,” Microsoft stated in the blog. “Our analysis of the current use of LLM technology by threat actors revealed behaviors consistent with attackers using AI as another productivity tool on the offensive landscape.”
Microsoft provided a few examples of groups engaged in this type of activity. First, a group called Strontium was linked to Russian military intelligence. The group is using LLMs to research satellite and radar technologies that may relate to conventional military operations in Ukraine and also basic research aimed at supporting their cyber operations.
A North Korean hacking group known as Thallium was also mentioned. Microsoft says the group has been using LLMs “to understand publicly known vulnerabilities, to troubleshoot technical issues, and for assistance with using various web technologies.”
Microsoft listed three other threat groups also and says all accounts and assets associated with all the groups it mentioned in its blog post have been disabled. There has been a concern with the rapid emergence of AI that it could be used for cyberattacks. Microsoft said the objective of its partnership with OpenAI and this report is “to ensure the safe and responsible use of AI technologies like ChatGPT.”
Microsoft said it will continue to work on and investigate the misuse of LLMs and track threat actors and malicious activity. It also said it would continue to work with OpenAI and other partners “to share intelligence, improve protections for customers and aid the broader security community.”
Image credit: Shutterstock
MobileSyrup may earn a commission from purchases made via our links, which helps fund the journalism we provide free on our website. These links do not influence our editorial content. Support us here.