Threat actors can use ChatGPT to sharpen cyberthreats, but no...
As ChatGPT gains popularity in both consumer and business worlds, there is a growing concern among security experts about the potential for malicious actors to exploit generative AI for nefarious purposes. However, the threat is not yet at a level that warrants full-on panic.
A threat intelligence firm has detected up to 118 malicious URLs related to ChatGPT daily, with domain squatting related to the tool surging 17,818%. The earliest and most obvious threats involving ChatGPT include sharp phishing email composition, some malware coding, and the gathering and contextualization of data for more effective targeting. While ChatGPT could enable threat actors to write more targeted and effective code, the generative AI tool hasn’t written a piece of fully fledged functioning malware yet.
Researchers have observed threat actors using ChatGPT to write malicious code as early as January, but analysis ruled the resulting code rudimentary at that stage. Adversaries could use ChatGPT’s problem-solving capabilities to learn specific routes on firewalls, for example, or identify unpatched vulnerabilities to determine what to target.
The bigger and more immediate worry involves data mining. ChatGPT’s ability to find patterns in large datasets and marry those findings with patterns in other datasets could result in some scary outcomes.
Cybersecurity professionals are reluctant to deem ChatGPT a force that will predominantly be used to inflict damage, but they’re not yet willing to count that out as a possibility since there are always individuals willing to use something for bad purposes. For now, cybersecurity professionals see ChatGPT doing more to bolster defense than tear it down.
It is important to have conversations about the potential dangers of tools like ChatGPT. AI is a new arms race across different nations, and data mining and cybersecurity are at the forefront of this race. As such, it is vital to stay informed and aware of the risks associated with these technologies, while also understanding their potential benefits.
