What has long been feared by cybersecurity specialists has now been confirmed by Microsoft and OpenAI. Hackers are actively using ChatGPT and the like to launch cyberattacks.

Microsoft and OpenAI have published a joint study on the use of AI technology by hackers. It’s certainly not the first time we’ve heard that AI can be a useful tool for hackers, but both companies describe specific examples of how OpenAI’s services are now being actively abused. As it turns out, this can be done for a variety of purposes.

Writing scripts and phishing

Microsoft begins its overview with an example of Forest storm, a Russian collective by which it (like HPE) was recently embarrassed. The hackers are said to have close ties to the Kremlin and are also actively involved in the Ukraine war. Its activities span multiple sectors including defense, transportation and logistics, government, energy, NGOs and information technology. The group uses ChatGPT and LLM-based coding applications to write scripts for various types of cyber attacks, such as file manipulation.

From Russia it then goes to North Korea, Iran and China. A North Korean group Emerald sleet uses AI help to create more convincing phishing emails. The Iranian collective Purple sand stream uses OpenAI services to develop malicious .NET code, and the practices of two Chinese hacking groups show that AI is also used to detect flaws in code and figure out how cybersecurity tools work and can be circumvented.

Microsoft and OpenAI are sharing this knowledge not to give hackers ideas, but to warn other interested parties about what they are seeing. Both companies also promise to use this knowledge to improve the security mechanisms of AI applications and APIs and to detect and neutralize suspicious accounts more quickly.