A team of researchers has uncovered what they said was the first reported use of artificial intelligence (AI) to direct a hacking campaign in a largely automated fashion.
The AI company Anthropic this week said that it disrupted a cyberoperation that its researchers linked to the Chinese government.
The operation involved the use of an AI system to direct the hacking campaigns, which researchers called a disturbing development that could greatly expand the reach of AI-equipped hackers.
Photo: Reuters
While concerns about AI being used to drive cyberoperations are not new, what is concerning is the degree to which AI was able to automate some of the work, the researchers said.
“While we predicted these capabilities would continue to evolve, what has stood out to us is how quickly they have done so at scale,” they said.
The hacking operation targeted tech companies, financial institutions, chemical companies and government agencies.
The hackers attacked “roughly 30 global targets and succeeded in a small number of cases,” the researchers said.
Anthropic said it detected the operation in September and took steps to shut it down and notify the affected parties.
While AI systems are increasingly being used in a variety of settings for work and leisure, they can also be weaponized by hacking groups working for foreign adversaries, it added.
Anthropic is one of many tech developers pitching AI “agents” that go beyond a chatbot’s capability to access computer tools and take actions on a person’s behalf.
“Agents are valuable for everyday work and productivity — but in the wrong hands, they can substantially increase the viability of large-scale cyberattacks,” the researchers said. “These attacks are likely to only grow in their effectiveness.”
Microsoft earlier this year warned that foreign adversaries were increasingly embracing AI to make their cybercampaigns more efficient and less labor-intensive.
The head of OpenAI’s safety panel, which has the authority to halt the ChatGPT maker’s AI development, said he is watching out for new AI systems that give malicious hackers “much higher capabilities.”
The US’ adversaries, criminal gangs and hacking companies have exploited AI’s potential, using it to automate and improve cyberattacks, spread inflammatory disinformation and penetrate sensitive systems. AI can translate poorly worded phishing e-mails into fluent English, for example, as well as generate digital clones of senior government officials.
Anthropic said the hackers were able to manipulate its AI chatbot, Claude, using “jailbreaking” techniques that involved tricking an AI system to bypass its guardrails against harmful behavior, in this case by claiming they were employees of a legitimate cybersecurity firm.
“This points to a big challenge with AI models, and it’s not limited to Claude, which is that the models have to be able to distinguish between what’s actually going on with the ethics of a situation and the kinds of role-play scenarios that hackers and others may want to cook up,” Citizen Lab senior researcher John Scott-Railton said.
The use of AI to automate or direct cyberattacks would also appeal to smaller hacking groups and lone-wolf hackers, who could use the technology to expand the scale of their attacks, said Adam Arellano, field chief technology officer at Harness, a tech company that uses AI to help customers automate software development.
“The speed and automation provided by the AI is what is a bit scary,” Arellano said. “Instead of a human with well-honed skills attempting to hack into hardened systems, the AI is speeding those processes and more consistently getting past obstacles.”
AI programs would also play an increasingly important role in defending against these kinds of attacks, Arellano said, adding that AI and the automation it allows would benefit both sides.
THE TRAGEDY OF PUNCH: Footage of the seven-month-old Japanese macaque has gone viral online after he was rejected by his mother and formed a bond with a soft toy A baby monkey in Japan has captured hearts around the world after videos of him being bullied by other monkeys and rejected by his mother went viral last week. Punch, a Japanese macaque, was born in July last year at Ichikawa City Zoo. He has drawn international attention after zookeepers gave him a stuffed orangutan toy after he was abandoned by his mother. Without maternal guidance to help him integrate, Punch has turned to the toy for comfort. He has been filmed multiple times being dragged and chased by older Japanese macaques inside the enclosure. Early clips showed him wandering alone with
South Korea would soon no longer be one of the few countries where Google Maps does not work properly, after its security-conscious government reversed a two-decade stance to approve the export of high-precision map data to overseas servers. The approval was made “on the condition that strict security requirements are met,” the South Korean Ministry of Land, Infrastructure and Transport said. Those conditions include blurring military and other sensitive security-related facilities, as well as restricting longitude and latitude coordinates for South Korean territory on products such as Google Maps and Google Earth, it said. The decision is expected to hurt Naver and Kakao
Australian Prime Minister Anthony Albanese yesterday said he did not take his security for granted, after he was evacuated from his residence for several hours following a bomb threat sent to a Chinese dance group. Albanese was evacuated from his Canberra residence late on Tuesday following the threat, and returned a few hours later after nothing suspicious was found. The bomb scare was among several e-mails threatening Albanese sent to a representative of Shen Yun, a classical Chinese dance troupe banned in China that is due to perform in Australia this month, a spokesperson for the group said in a statement. The e-mail
TENSIONS: The march went ahead without clashes, but arrests were still possible as police investigate suspects behind Nazi salutes, racist slurs and homophobic insults Thousands of people on Saturday marched in southeastern France under heavy security in tribute to a far-right activist whose killing, blamed on the hard left, has put the country on edge. The crowd — many wearing black and some covering their lower faces with masks — marched through the city of Lyon carrying flowers and placards bearing pictures of Quentin Deranque and the words: “justice for Quentin” and “the extreme left kills.” The 23-year-old died from head injuries following clashes between radical left and far-right supporters on the sidelines of a demonstration against a politician from the left-wing France Unbowed
RSS