Hackers are using ChatGPT to launch cyber attacks: Microsoft and OpenAI

Microsoft and OpenAI have revealed in a newly published research that hackers are using large language models like ChatGPT to refine and improve their existing cyberattacks.

Russian, North Korean, Iranian, and Chinese-backed groups are using tools like ChatGPT for research into targets, to improve scripts, and to help build social engineering techniques, Microsoft and OpenAI claim.

The research pointed out the Strontium group, linked to Russian military intelligence, to be using LLMs “to understand satellite communication protocols, radar imaging technologies, and specific technical parameters.”

The hacking group, known also as APT28 or Fancy Bear, has been active during the Russia-Ukraine war and was previously involved in targeting Hillary Clinton’s presidential campaign in 2016.

A North Korean hacking group, known as Thallium, has been using LLMs to research publicly reported vulnerabilities and target organizations, to aid in basic scripting tasks, and to draft content for phishing campaigns, the research found.

Microsoft also found that the Iranian group known as Curium has also been using LLMs to generate phishing emails and even code for avoiding detection by antivirus applications. Chinese state-affiliated hackers are also using LLMs for research, scripting, translations, and to refine their existing tools.

Microsoft and OpenAI haven’t detected any “significant attacks” using LLMs yet, but the companies have been shutting down all accounts and assets associated with these hacking groups.

In response, Microsoft’s solution is using AI to respond to AI attacks. The tech giant Microsoft is building a Security Copilot, a new AI assistant that’s designed for cybersecurity professionals to identify breaches and better understand the huge amount of signals and data that’s generated through cybersecurity tools daily.

The software giant is also overhauling its software security following major Azure cloud attacks and even Russian hackers spying on Microsoft executives.

Leave a Reply

Your email address will not be published. Required fields are marked *