Microsoft and OpenAI say hackers are using ChatGPT to improve cyberattacks

Share via:


Microsoft and OpenAI are revealing today that hackers are already using large language models like ChatGPT to refine and improve their existing cyberattacks. In newly published research, Microsoft and OpenAI have detected attempts by Russian, North Korean, Iranian, and Chinese-backed groups using tools like ChatGPT for research into targets, to improve scripts, and to help build social engineering techniques.

“Cybercrime groups, nation-state threat actors, and other adversaries are exploring and testing different AI technologies as they emerge, in an attempt to understand potential value to their operations and the security controls they may need to circumvent,” says Microsoft in a blog post today.

The Strontium group, linked to Russian military intelligence, has been found to be using LLMs “to understand satellite communication protocols, radar imaging technologies, and specific technical parameters.” The hacking group, known also as APT28 or Fancy Bear, has been active during Russia’s war in Ukraine and was previously involved in targeting Hillary Clinton’s presidential campaign in 2016.

The group has also been using LLMs to help with “basic scripting tasks, including file manipulation, data selection, regular expressions, and multiprocessing, to potentially automate or optimize technical operations,” according to Microsoft.

A North Korean hacking group, known as Thallium, has been using LLMs to research publicly reported vulnerabilities and target organizations, to aid in basic scripting tasks, and to draft content for phishing campaigns. Microsoft says the Iranian group known as Curium has also been using LLMs to generate phishing emails and even code for avoiding detection by antivirus applications. Chinese state-affiliated hackers are also using LLMs for research, scripting, translations, and to refine their existing tools.

There have been fears around the use of AI in cyberattacks, particularly as AI tools like WormGPT and FraudGPT have emerged to assist in the creation of malicious emails and cracking tools. A senior official at the National Security Agency also warned last month that hackers are using AI to make their phishing emails look more convincing.

Microsoft and OpenAI haven’t detected any “significant attacks” using LLMs yet, but the companies have been shutting down all accounts and assets associated with these hacking groups. “At the same time, we feel this is important research to publish to expose early-stage, incremental moves that we observe well-known threat actors attempting, and share information on how we are blocking and countering them with the defender community,” says Microsoft.

While the use of AI in cyberattacks appears to be limited right now, Microsoft does warn of future uses cases like voice impersonation. “AI-powered fraud is another critical concern. Voice synthesis is an example of this, where a three-second voice sample can train a model to sound like anyone,” says Microsoft. “Even something as innocuous as your voicemail greeting can be used to get a sufficient sampling.”

Naturally, Microsoft’s solution is using AI to respond to AI attacks. “AI can help attackers bring more sophistication to their attacks, and they have resources to throw at it,” says Homa Hayatyfar, principal detection analytics manager at Microsoft. “We’ve seen this with the 300+ threat actors Microsoft tracks, and we use AI to protect, detect, and respond.”

Microsoft is building a Security Copilot, a new AI assistant that’s designed for cybersecurity professionals to identify breaches and better understand the huge amounts of signals and data that’s generated through cybersecurity tools daily. The software giant is also overhauling its software security following major Azure cloud attacks and even Russian hackers spying on Microsoft executives.



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

Microsoft and OpenAI say hackers are using ChatGPT to improve cyberattacks


Microsoft and OpenAI are revealing today that hackers are already using large language models like ChatGPT to refine and improve their existing cyberattacks. In newly published research, Microsoft and OpenAI have detected attempts by Russian, North Korean, Iranian, and Chinese-backed groups using tools like ChatGPT for research into targets, to improve scripts, and to help build social engineering techniques.

“Cybercrime groups, nation-state threat actors, and other adversaries are exploring and testing different AI technologies as they emerge, in an attempt to understand potential value to their operations and the security controls they may need to circumvent,” says Microsoft in a blog post today.

The Strontium group, linked to Russian military intelligence, has been found to be using LLMs “to understand satellite communication protocols, radar imaging technologies, and specific technical parameters.” The hacking group, known also as APT28 or Fancy Bear, has been active during Russia’s war in Ukraine and was previously involved in targeting Hillary Clinton’s presidential campaign in 2016.

The group has also been using LLMs to help with “basic scripting tasks, including file manipulation, data selection, regular expressions, and multiprocessing, to potentially automate or optimize technical operations,” according to Microsoft.

A North Korean hacking group, known as Thallium, has been using LLMs to research publicly reported vulnerabilities and target organizations, to aid in basic scripting tasks, and to draft content for phishing campaigns. Microsoft says the Iranian group known as Curium has also been using LLMs to generate phishing emails and even code for avoiding detection by antivirus applications. Chinese state-affiliated hackers are also using LLMs for research, scripting, translations, and to refine their existing tools.

There have been fears around the use of AI in cyberattacks, particularly as AI tools like WormGPT and FraudGPT have emerged to assist in the creation of malicious emails and cracking tools. A senior official at the National Security Agency also warned last month that hackers are using AI to make their phishing emails look more convincing.

Microsoft and OpenAI haven’t detected any “significant attacks” using LLMs yet, but the companies have been shutting down all accounts and assets associated with these hacking groups. “At the same time, we feel this is important research to publish to expose early-stage, incremental moves that we observe well-known threat actors attempting, and share information on how we are blocking and countering them with the defender community,” says Microsoft.

While the use of AI in cyberattacks appears to be limited right now, Microsoft does warn of future uses cases like voice impersonation. “AI-powered fraud is another critical concern. Voice synthesis is an example of this, where a three-second voice sample can train a model to sound like anyone,” says Microsoft. “Even something as innocuous as your voicemail greeting can be used to get a sufficient sampling.”

Naturally, Microsoft’s solution is using AI to respond to AI attacks. “AI can help attackers bring more sophistication to their attacks, and they have resources to throw at it,” says Homa Hayatyfar, principal detection analytics manager at Microsoft. “We’ve seen this with the 300+ threat actors Microsoft tracks, and we use AI to protect, detect, and respond.”

Microsoft is building a Security Copilot, a new AI assistant that’s designed for cybersecurity professionals to identify breaches and better understand the huge amounts of signals and data that’s generated through cybersecurity tools daily. The software giant is also overhauling its software security following major Azure cloud attacks and even Russian hackers spying on Microsoft executives.



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

Indian SaaS unicorn LeadSquared reports $19m loss in FY24

The company's operating revenue rise by 9.12% to...

South Korea sanctions 15 North Koreans for crypto heists...

The sanctioned agents were allegedly generating funds for...

Elon Musk To Offer Wikipedia Rs 8,539 Crore—But Only...

Elon Musk, the CEO of Tesla and the world’s...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!