Threat actors will take advantge of ChatGPT, says expert

Share post:

Microsoft, software developers, law enforcement agencies, banks, students writing essays and almost everyone in between thinks they can take advantage of ChatGPT.

So do threat actors.

The artificial-intelligence-driven chatbot is touted as the search engine that will dethrone Google, help developers generate flawless code, write the next great rock hit … heck, it’s so new people can’t imagine what it can do.

But history shows crooks and nation-states will try to leverage any new technology to their advantage, and no infosec professional should expect any different.

So, says a threat researcher at Israel-based Cyberint, they’d better be prepared.

If ChatGPT will help software companies write better code, said Shmuel Gihon, it will do the same for malware creators.

Not only that, he added, it could help them reverse-engineer security applications.

“As a threat actor, if I can improve my hacking tools, my ransomware, my malware every three to four months, my developing time might be cut by half or more. So the cat-and-mouse game that defence vendors play with threat actors could become way harder for them.”

The “if” in that sentence is not because of the capability of the tool, he added, but the capabilities of the threat actor using it. “AI in the right hands might be a very strong tool. Professional threat actors, ransomware groups and espionage groups will probably make better use of this tool than amateur actors.

“I’m pretty sure they will find great uses for this technology. It will probably help them reverse engineer software they are attacking … help them find new vulnerabilities, and bugs in their own code, in shorter periods of time.”

And infosec pros shouldn’t just worry about ChatGPT, he added, but any tool driven by artificial intelligence. “Tomorrow another AI engine will be released,” he noted.

“I’m not sure security vendors prepared for this rate of innovation from the threat actors’ side,” he added. “This is something we should prepare ourselves for. I know AI is already embedded in security tech, but I’m not sure if it’s at this level.”

Security vendors should think about how threat actors could use ChatGPT against their applications, he advised. “If some of my products are open source or my front-facing infrastructure is built on engine X, I should know what ChatGPT says about my technology. I should know how to translate ChatGPT capabilities in the threat actors’ eyes.”

At the same time, CISOs should see if the tool can be leveraged to help protect their environments. One possibility: Software quality assurance.

The post Threat actors will take advantge of ChatGPT, says expert first appeared on IT World Canada.

Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

North Korean Job Scam Targeting IT Job Seekers

North Korea’s Lazarus advanced persistent threat (APT) group has launched a sophisticated campaign, “Operation 99,” targeting freelance software...

Hackers Exploit FastHTTP in High-Speed Microsoft 365 Attacks

Threat actors are employing the FastHTTP Go library to launch high-speed brute-force password attacks on Microsoft 365 accounts...

YouTubers Targeted As Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results

Attackers have found a new way to infect people seeking pirated or cracked software: planting malicious download links...

New macOS Malware Exploits Apple’s Security Features to Stay Hidden and Steal User Data

A newly discovered variant of the Banshee macOS Stealer malware is putting 100 million Apple users at risk...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways