Nation state hackers use ChatGPT to improve cyberattacks

Occurred: 2023-2024

China, Iran, Russia and North Korea used ChatGPT to research, refine, and mount offensive cyber operations across the world. 

According to Microsoft research, Russian, North Korean, Iranian, and Chinese-backed groups have been discovered using tools including ChatGPT to conduct research into targets and to improve scripts and social engineering techniques for surveillance, disinformation and influence operations, and cybercrime campaigns.

The techniques employed were considered 'early-stage' and not 'particularly novel or unique, and 'significant attacks' using ChatGPT and other large language models were not discovered, Microsoft said. In a blog post, OpenAI argued its GPT-4-powered chatbot offers 'only limited, incremental capabilities for malicious cybersecurity tasks beyond what is already achievable with publicly available, non-AI powered tools.'

However, experts believe that it is only a matter of time before effective malicious nation state-backed campaigns using chatbots and large language models are conducted.

Operator: Aquatic Panda; Charcoal Typhoon; Crimson Sandstorm; Emerald Sleet; Fancy Bear; Forest Blizzard; Maverick Panda; Salmon Typhoon
Developer: OpenAI
Country: China; Iran; N Korea; Russia
Sector: Govt - defence
Purpose: Conduct research; Generate phishing content; Generate code
Technology: Chatbot
Issue: Fraud; Mis/disinformation; Reputational damage; Security
Transparency