Microsoft says US rivals are beginning to use generative AI in offensive cyber operations

Feb 14, 2024, 4:01 AM | Updated: 7:04 am

BOSTON (AP) — Microsoft said Wednesday that U.S. adversaries — chiefly Iran and North Korea and to a lesser extent Russia and China — are beginning to use generative artificial intelligence to mount or organize offensive cyber operations.

The technology giant said it detected and disrupted, in collaboration with business partner OpenAI, threats that used or attempted to exploit AI technology they had developed.

In a blog post, the Redmond, Washington, company said the techniques were “early-stage” and neither “particularly novel or unique” but that it was important to expose them publicly as U.S. rivals leverage large-language models to expand their ability to breach networks and conduct influence operations.

Cybersecurity firms have long used machine-learning on defense, principally to detect anomalous behavior in networks. But criminals and offensive hackers use it as well, and the introduction of large-language models led by OpenAI’s ChatGPT upped that game of cat-and-mouse.

Microsoft has invested billions of dollars in OpenAI, and Wednesday’s announcement coincided with its release of a report noting that generative AI is expected to enhance malicious social engineering, leading to more sophisticated deepfakes and voice cloning. A threat to democracy in a year where over 50 countries will conduct elections, magnifying disinformation and already occurring,

Here are some examples Microsoft provided. In each case it said all generative AI accounts and assets of the named groups were disabled:

— The North Korean cyberespionage group known as Kimsuky has used the models to research foreign think tanks that study the country, and to generate content likely to be used in spear-phishing hacking campaigns.

— Iran’s Revolutionary Guard has used large-language models to assist in social engineering, in troubleshooting software errors, and even in studying how intruders might evade detection in a compromised network. That includes generating phishing emails “including one pretending to come from an international development agency and another attempting to lure prominent feminists to an attacker-built website on feminism.” The AI helps accelerate and boost the email production.

— The Russian GRU military intelligence unit known as Fancy Bear has used the models to research satellite and radar technologies that may relate to the war in Ukraine.

— The Chinese cyberespionage group known as Aquatic Panda — which targets a broad range of industries, higher education and governments from France to Malaysia — has interacted with the models “in ways that suggest a limited exploration of how LLMs can augment their technical operations.”

— The Chinese group Maverick Panda, which has targeted U.S. defense contractors among other sectors for more than a decade, had interactions with large-language models suggesting it was evaluating their effectiveness as a source of information “on potentially sensitive topics, high profile individuals, regional geopolitics, US influence, and internal affairs.”

In a separate blog published Wednesday, OpenAI said its current GPT-4 model chatbot offers “only limited, incremental capabilities for malicious cybersecurity tasks beyond what is already achievable with publicly available, non-AI powered tools.”

Cybersecurity researchers expect that to change.

Last April, the director of the U.S. Cybersecurity and Infrastructure Security Agency, Jen Easterly, told Congress that “there are two epoch-defining threats and challenges. One is China, and the other is artificial intelligence.”

Easterly said at the time that the U.S. needs to ensure AI is built with security in mind.

Critics of the public release of ChatGPT in November 2022 — and subsequent releases by competitors including Google and Meta — contend it was irresponsibly hasty, considering security was largely an afterthought in their development.

“Of course bad actors are using large-language models — that decision was made when Pandora’s Box was opened,” said Amit Yoran, CEO of the cybersecurity firm Tenable.

Some cybersecurity professionals complain about Microsoft’s creation and hawking of tools to address vulnerabilities in large-language models when it might more responsibly focus on making them more secure.

“Why not create more secure black-box LLM foundation models instead of selling defensive tools for a problem they are helping to create?” asked Gary McGraw, a computer security veteran and co-founder of the Berryville Institute of Machine Learning.

NYU professor and former AT&T Chief Security Officer Edward Amoroso said that while the use of AI and large-language models may not pose an immediately obvious threat, they “will eventually become one of the most powerful weapons in every nation-state military’s offense.”
