The Fight Against AI Might Be Earlier Than We Thought

Microsoft said Wednesday that U.S. adversaries — chiefly Iran and North Korea and to a lesser extent Russia and China — are beginning to use generative artificial intelligence to mount or organize offensive cyber operations.

The technology giant said it detected and disrupted, in collaboration with business partner OpenAI, threats that used or attempted to exploit AI technology they had developed.

In a blog post, the Redmond, Washington, company said the techniques were “early-stage” and neither “particularly novel or unique” but that it was important to expose them publicly as U.S. rivals leverage large-language models to expand their ability to breach networks and conduct influence operations.

Cybersecurity firms have long used machine-learning on defense, principally to detect anomalous behavior in networks. But criminals and offensive hackers use it as well, and the introduction of large-language models led by OpenAI's ChatGPT upped that game of cat-and-mouse.

Microsoft has invested billions of dollars in OpenAI, and Wednesday's announcement coincided with its release of a report noting that generative AI is expected to enhance malicious social engineering, leading to more sophisticated deepfakes and voice cloning . A threat to democracy in a year where over 50 countries will conduct elections, magnifying disinformation and already occurring,

Here are some examples Microsoft provided. In each case it said all generative AI accounts and assets of the named groups were disabled:

North Korea

The North Korean cyberespionage group known as Kimsuky has used the models to research foreign think tanks that study the country, and to generate content likely to be used in spear-phishing hacking campaigns.

Iran

Iran's Revolutionary Guard has used large-language models to assist in social engineering, in troubleshooting software errors, and even in studying how intruders might evade detection in a compromised network. That includes generating phishing emails “including one pretending to come from an international development agency and another attempting to lure prominent feminists to an attacker-built website on feminism.” The AI helps accelerate and boost the email production.

Russia

The Russian GRU military intelligence unit known as Fancy Bear has used the models to research satellite and radar technologies that may relate to the war in Ukraine.

China

The Chinese cyberespionage group known as Aquatic Panda — which targets a broad range of industries, higher education and governments from France to Malaysia — has interacted with the models “in ways that suggest a limited exploration of how LLMs can augment their technical operations.”

The Chinese group Maverick Panda, which has targeted U.S. defense contractors among other sectors for more than a decade, had interactions with large-language models suggesting it was evaluating their effectiveness as a source of information “on potentially sensitive topics, high profile individuals, regional geopolitics, US influence, and internal affairs.”

In a separate blog published Wednesday, OpenAI said its current GPT-4 model chatbot offers "only limited, incremental capabilities for malicious cybersecurity tasks beyond what is already achievable with publicly available, non-AI powered tools.”

Cybersecurity researchers expect that to change.

Last April, the director of the U.S. Cybersecurity and Infrastructure Security Agency, Jen Easterly, told Congress that “there are two epoch-defining threats and challenges. One is China, and the other is artificial intelligence.”

Easterly said at the time that the U.S. needs to ensure AI is built with security in mind.

Critics of the public release of ChatGPT in November 2022 — and subsequent releases by competitors including Google and Meta — contend it was irresponsibly hasty, considering security was largely an afterthought in their development.

“Of course bad actors are using large-language models — that decision was made when Pandora’s Box was opened," said Amit Yoran, CEO of the cybersecurity firm Tenable.

Some cybersecurity professionals complain about Microsoft's creation and hawking of tools to address vulnerabilities in large-language models when it might more responsibly focus on making them more secure.

“Why not create more secure black-box LLM foundation models instead of selling defensive tools for a problem they are helping to create?" asked Gary McGraw, a computer security veteran and co-founder of the Berryville Institute of Machine Learning.

NYU professor and former AT&T Chief Security Officer Edward Amoroso said that while the use of AI and large-language models may not pose an immediately obvious threat, they “will eventually become one of the most powerful weapons in every nation-state military’s offense.”

More In Business

IPO to Innovation: Why Weshop Is One of Ecommerce’s Most Watched Companies

After a blockbuster IPO, Weshop is redefining ecommerce by giving users equity, influence, and a stake in the platform’s success.

Rewiring Rest: How Somnee Is Changing the Way We Sleep

Somnee CEO Tim Rosa shares how next-gen sleep wearables, tACS technology, and data-driven insights are redefining recovery and performance.

Beyond the Burn: How Orangetheory Is Shaping the Future of Studio Workouts

Orangetheory Fitness is redefining the future of workouts with smarter tech, strength-based programming, and community-driven studios built for what’s next.

Spain fines Airbnb $75 million for unlicensed tourist rentals

Spain's government has fined Airbnb 64 million euros or $75 million for advertising unlicensed tourist rentals. The consumer rights ministry announced the fine on Monday. The ministry stated that many listings lacked proper license numbers or included incorrect information. The move is part of Spain's ongoing efforts to regulate short-term rental companies amid a housing affordability crisis especially in popular urban areas. The ministry ordered Airbnb in May to remove around 65,000 listings for similar violations. The government's consumer rights minister emphasized the impact on families struggling with housing. Airbnb said it plans to challenge the fine in court.

Roomba maker iRobot files for bankruptcy protection; will be taken private under restructuring

Roomba maker iRobot has filed for Chapter 11 bankruptcy protection, but says that it doesn’t expect any disruptions to devices as the more than 30-year-old company is taken private under a restructuring process. iRobot said that it is being acquired by Picea through a court-supervised process. Picea is the company's primary contract manufacturer. The Bedford, Massachusetts-based anticipates completing the prepackaged chapter 11 process by February.

Serbia organized crime prosecutors charge minister, others in connection with Kushner-linked project

Serbia’s prosecutor for organized crime has charged a government minister and three others with abuse of position and falsifying of documents related to a luxury real estate project linked to U.S. President Donald Trump’s son-in-law Jared Kushner. The charges came on Monday. The investigation centers on a controversy over a a bombed-out military complex in central Belgrade that was a protected cultural heritage zone but that is facing redevelopment as a luxury compound by a company linked to Kushner. The $500 million proposal to build a high-rise hotel, offices and shops at the site has met fierce opposition from experts at home and abroad. Selakovic and others allegedly illegally lifted the protection status for the site by falsifying documentation.

Load More