Microsoft (MSFT) and OpenAI released a report on Wednesday showing that hacker groups in China, Iran, North Korea, and Russia are using AI large-scale language models (LLMs) to increase the likelihood of successful cyber attacks. He said he is investigating more and more.
The report says nation-state actors are using AI to understand everything from satellite technology to how to develop malicious code that can evade detection by cybersecurity software.
“Cybercriminal groups, nation-state threat actors, and other adversaries are investigating and investigating various AI technologies as they emerge, trying to understand their potential value to their operations and what security controls they need to circumvent. testing,” the companies said in the article. report.
Microsoft and OpenAI have cited four different groups as using large language models in connection with their hacking activities. Russian Forest Blizzard, also known as Strontium. North Korean emerald sheets, also known as thallium. Iran’s Red Sandstorm, also known as Curium. and the Chinese Charcoal Typhoon, known as Chromium, and the Salmon Typhoon, known as Sodium.
In the case of the Russian hackers, Microsoft and OpenAI say the group uses LLM to understand satellite capabilities and radar technology, and to get help scripting tasks and manipulating files.
North Korea’s Emerald Sheet provides a deeper understanding of public software vulnerabilities, including improving social engineering for scripting tasks, phishing and spear-phishing email campaigns, and learning about groups such as think tanks working on North Korea’s nuclear weapons program We have used this technology for Crimson Sandstorm also used this technology in spear phishing campaigns, developing code, and defeating antivirus programs.
Regarding China’s Charcoal Typhoon and Salmon Typhoon, Microsoft says these groups use LLMs for a variety of reasons, from streamlining translation and cyber tasks to detecting coding errors and developing potentially malicious code. He said he is using it.
The company said it had disabled the groups’ accounts and assets, adding that it had not seen any “significant attacks” using the LLMs it was monitoring.
It’s no surprise that hackers use AI and LLM to launch cyberattacks. Organizations are always looking for ways to increase their chances of infiltrating a victim’s network, and AI is just one of those ways.
Microsoft itself has faced similar attacks, including one it reported in January. In the attack, Russia’s Midnight Blizzard, also known as Nobelium, gained access to accounts associated with the company’s senior leadership team, cybersecurity, and legal departments and stole emails and documents.
daniel howley I’m the technology editor at Yahoo Finance. He has been covering the technology industry since his 2011. You can follow him on Twitter. @Daniel Howley.
Click here for the latest technology news impacting the stock market.
Read the latest financial and business news from Yahoo Finance
