North Korea and Iran using AI for hacking, Microsoft says

  • Microsoft has detected threats from foreign countries, primarily North Korea and Iran, that used or attempted to exploit generative AI technology developed by Microsoft and OpenAI.
  • These techniques are early-stage and not particularly novel or unique, but Microsoft believes it’s important to expose them publicly as US rivals leverage large language models to expand their ability to breach networks and conduct influence operations.
  • The North Korean cyber-espionage group known as Kimsuky has used the models to research foreign think tanks that study the country, and to generate content likely to be used in spear-phishing campaigns.
  • Iran’s Revolutionary Guard has used large language models to assist in social engineering, in troubleshooting software errors, and even in studying how intruders might evade detection in a compromised network.
  • The Russian GRU military intelligence unit known as Fancy Bear has used the models to research satellite and radar technologies that may relate to the war in Ukraine.
  • The Chinese cyber-espionage group known as Aquatic Panda has interacted with the models in ways that suggest a limited exploration of how LLMs can augment their technical operations.

Read more at: https://www.theguardian.com