On February 14, 2024, OpenAI (which owns ChatGPT) and Microsoft Threat Intelligence announced that they had jointly disrupted five state-affiliated threat actors that had sought to use AI services to support their malicious cyber activities.
According to OpenAI’s official announcement, these five state – affiliated malicious actors are:
● Two China-affiliated threat actors known as Salmon Typhoon and Charcoal Typhoon,
● One Russia-affiliated threat actor known as Forest Blizzard,
● One North Korea-affiliated threat actor known as Emerald Sleet, and
● One Iran-affiliated threat actor known as Crimson Sandstorm.
“The identified OpenAI accounts associated with these actors were terminated,” OpenAI said.
These threat actors were using ChatGPT to research various companies and cybersecurity tools, create content for potential phishing and spear-phishing campaigns, as well as identify publicly available vulnerabilities in the Asia-Pacific region, among other malicious cyber activities.
Microsoft Threat Intelligence noted that threat actors were using prompt-injections, fraud, and the attempted misuse of large language models (LLMs) to bolster their malicious cyber activities.
“Microsoft and OpenAI have not yet observed particularly novel or unique AI-enabled attack or abuse techniques resulting from threat actors’ usage of AI. However, Microsoft and our partners continue to study this landscape closely,” Microsoft said.
Although the current AI models are still very limited in their ability to support malicious cyber activities, both OpenAI and Microsoft are taking a multi-pronged approach to combat illicit use of their AI models.
Their measures include monitoring and disrupting the activities of state – affiliated threat actors, updating safety mitigations and safeguards, and educating the public on evolving threats to ensure preparedness.
Protect Your Business with the Help of Cybersecurity Experts
Microsoft and OpenAI’s recent report on the misuse of AI tools by cybercriminals (including state-sponsored ones) highlights the importance of relying on the expertise of senior cybersecurity advisors to safeguard your business from threat actors.
“At Velocity, we provide our clients with Managed Cybersecurity Services and Solutions. These are designed to protect your business from potential hacker attacks,” notes Leo Tong, Velocity’s Sales Director.
“Our highly experienced and trustworthy Senior Cybersecurity Advisors stay abreast of the latest tactics used by cybercriminals to try and infiltrate your systems. These include the misuse of AI tools, targeting your devices with malware, and selling your stolen sensitive data on the dark web.”
Leo emphasised that Velocity wasn’t against the use of artificial intelligence in business processes, but he also admitted that many businesses weren’t fully prepared for AI adoption.
“Businesses need to focus on establishing the proper IT infrastructure and additional guardrails to protect themselves from AI – related risks – including reputational, financial, and business continuity risks,” Leo added.
“We’re advocates of Microsoft 365 (which includes Teams, Outlook, and OneDrive). This comprehensive suite of products aligns with our advocacy for secure and collaborative Modern Workplaces. However, we’re not advocates of the early adoption of Microsoft’s AI Copilot tool.”
“Get one of our Senior Cybersecurity Advisors onboard first to manage the transition process to avoid any costly mistakes down the road.”
Want to safeguard your systems and data? Microsoft has countermeasures that can help their users. Contact us for more information.
