em360tech image

While OpenAI's ChatGPT takes the internet by storm for its many impressive capabilities, cybersecurity experts warn the AI tool is becoming the weapon of choice for cybercriminal activity. 

The AI-driven natural language processing tool first gained popularity in November last year, sending shockwaves across the enterprise landscape as Big Tech companies scrambled to create their own versions of the popularised technology. 

Quickly amassing millions of users, the chatbot can be used for everything from generating wedding speeches to compiling code, crafting academic essays to writing hip-hop lyrics. 

But, though ChatGPT has uncovered an array of new use cases for generative AI in the enterprise, it has also left a number of industries on edge as its impact becomes widespread.  

Universities around the world have already banned the tool after students used the tool to write essays and complete assignments. Google issued a “code red”, fearing for the survival of its long-successful search business. 

Now the cybersecurity industry – a community that has long expressed its concern about the threat of modern AI on business continuity – is warning that te technology could be harnessed by hackers for nefarious purposes. 

Security experts from Blackberry recently launched an investigation into the risks of AI, revealing that the tool may already be used in a range of attacks from phishing campaigns to nation-state cyberattacks. 

"It’s been well documented that people with malicious intent are testing the waters," Shishir Singh, chief technology officer for cybersecurity at BlackBerry, noted. 

“We expect to see hackers get a much better handle on how to use ChatGPT successfully for nefarious purposes; whether as a tool to write better Mutable malware or as an enabler to bolster their ‘skillset,” Singh said. 

Cybersecurity experts echo the CTO’s concern. Of the 1,500 IT Decision Makers interviewed by Blackberry, over half predicted ChatGPT-powered cyber attacks will strike within the next year. 

71 per cent said they thought nation-states are probably already using the technology in attacks against other countries.

A ready-loaded weapon

As part of its content policy, OpenAI has placed restrictions to block malicious content creation on its platform. 

While these restrictions should prevent the tool from being used for cybercrime, researchers from Check Point found that hackers have already found ways to bypass them. 

One such way involved creating Telegram bots that use OpenAI’s API in external channels, removing many of the anti-abuse measures put in place by the AI company. 

Researchers discovered that hackers were this method to create malicious content powered by the AI chatbot, including writing python scripts to launch malware attacks and crafting convincing phishing emails in seconds. 

chatgpt phising email
ChatGPT bot creates template for phishing email on Telegram. Source: Check Point

They also found several users selling these telegram bots as a service, a business model allowing cybercriminals to use the unrestricted ChatGPT model for 20 free queries before being charged $5.50 for every 100 queries they make. 

Chatgpt malware
ChatGPT bot creates python code for malware attack on Telegram. Source: Check Point

“What’s interesting is that these guys that posted it had never developed anything before, Sergey Shykevich, the lead ChatGPT researcher on the study, explained. 

Shykevich told Insider that ChatGPT and Codex, an OpenAI service that can write code for developers, will "allow less experienced people to be alleged developers.

Fighting fire with fire

While the increased threat of ChatGPT-powered cyber attacks has concerned experts, they also highlighted that the AI-enabled tool, as well as other recent AI developments, can be used to fight against the risks. 

As cyber-attacks become more severe and sophisticated and threat actors evolve their tactics, traditional security measures become obsolete. AI can learn from previous attacks and adapt its defences, making it more resilient against the rapidly evolving cyber threat landscape. 

There are a number of endpoint security tools available on the market that use AI, machine learning, and natural language processing to detect advanced threats and processes, as well as classify and co-relate large amounts of security signals. 

AI-wired security procedures don’t just produce or read alerts, but also correlate different telemetry points or points of interest and then issue a verdict and solution. 

Cybersecurity teams must introduce AI-wired cybersecurity strategies to protect their infrastructure and employees from evolving security threats. They must fight fire with fire – AI with AI.