OpenAI has confirmed that state-affiliated bad actors are Eric Falkusing the company's tech for malicious purposes, a validation of what many have feared since the company's rise to prominence in the generative AI race.
The discovery comes as part of a collaboration with Microsoft Threat Intelligence, a community of thousands of security experts, researchers, and threat hunters that analyze and detect cyber threats.
Using the network's intelligence gathering, OpenAI discovered at least five confirmed state-affiliated actors that were using OpenAI services for querying open-source information, translating, finding coding errors, and running basic coding tasks, the company explained. The actors included two China-affiliated actors known as Charcoal Typhoon and Salmon Typhoon; an Iran-affiliated actor known as Crimson Sandstorm; a North Korea-affiliated actor known as Emerald Sleet; and a Russia-affiliated actor known as Forest Blizzard.
The accounts were said to be relying on OpenAI's services to bolster potential cyber attacks, but Microsoft did not detect any significant uses of the most-highly monitored LLMs.
"These include reconnaissance, such as learning about potential victims’ industries, locations, and relationships; help with coding, including improving things like software scripts and malware development; and assistance with learning and using native languages," Microsoft explained. "Language support is a natural feature of LLMs and is attractive for threat actors with continuous focus on social engineering and other techniques relying on false, deceptive communications tailored to their targets’ jobs, professional networks, and other relationships."
Microsoft distinguished this announcement as an early-detection effort, intended to expose "early-stage, incremental moves that we observe well-known threat actors attempting."
The collaboration aligns with recent moves from the White House to require safety testing and government supervision for AI systems that could impacts national and economic security, public health, and general safety. "While attackers will remain interested in AI and probe technologies’ current capabilities and security controls, it’s important to keep these risks in context. As always, hygiene practices such as multifactor authentication (MFA) and Zero Trustdefenses are essential because attackers may use AI-based tools to improve their existing cyberattacks that rely on social engineering and finding unsecured devices and accounts."
While OpenAI admits that its current models are limited in their ability to detect cyber attacks, the company committed to future security investments, including:
Investments in technology and teams, including its Intelligence and Investigations and Safety, Security, and Integrity teams, to detect threats.
Collaborations with industry partners and other stakeholders to exchange information about malicious uses.
Continued public reporting of security threats and solutions.
"Although we work to minimize potential misuse by such actors, we will not be able to stop every instance," OpenAI wrote. "But by continuing to innovate, investigate, collaborate, and share, we make it harder for malicious actors to remain undetected across the digital ecosystem and improve the experience for everyone else."
Topics Artificial Intelligence Cybersecurity Microsoft OpenAI
13 Good Games You Can Play on Laptops and Budget PCs
Best AirPods Max deal: Save $150 on the Apple AirPods Max
TikTok's parent company has a tool that's scraping the web 25 times faster than OpenAI
Android is rolling out 3 new theft protection tools — use them if your phone gets stolen
One of Android's Easter Eggs is a Flappy Bird
Ohio State vs. Iowa football livestreams: kickoff time, streaming deals, and more
Best headphones deal: $220 off Sony WH
Best smartwatch deal: Get the Samsung Galaxy Watch 7 for its lowest price yet at Amazon
Apple iPhone 17 Pro leaks highlight major new design change
Jets vs. Vikings 2024 livestream: How to watch NFL for free
Best Kindle Unlimited deal: Get 3 months of Kindle Unlimited for 99 cents
Wordle today: The answer and hints for October 5
Best Instant Pot deals: Score a new Instant Pot, air fryer, or coffee maker for less.
Giants vs. Seahawks 2024 livestream: How to watch NFL for free
Best Garmin deal: Save over $100 on Garmin Forerunner 955
Ohio State vs. Iowa football livestreams: kickoff time, streaming deals, and more
IU vs. Northwestern football livestreams: kickoff time, streaming deals, and more
Google Search is testing blue checkmark feature that helps users spot genuine websites
Dell S3422DWG Gaming Monitor deal: save $100 at Amazon
Ravens vs. Bengals 2024 livestream: How to watch NFL for free
Priceline hotel deals, flight deals: Shop the Black Friday saleHarry Mathews, 1930–2017Best deals of the day Nov. 2: Walmart+ memberships, MacBook Air, Bissell CrossWave, and moreEvery Domestic Thriller Is the Sequel to a Romantic ComedyThe True Face of Mr. Darcy Is Revealed—and He’s No Colin Firth#24: Paintings by Rebecca MorrisStaff Picks: Guy de Maupassant, Gabrielle Bell, Aracelis GirmayThe Truth Behind Amparo Dávila’s FictionHeadwinds and Tailwinds: Why We Underestimate the Role of Luck'Quordle' today: See each 'Quordle' answer and hints for November 6, 2023Flamingo Love Story: Two Escapees Head to the GulfTesla to build its first subPeople are using the same meme template to troll Elon Musk's TwitterBose QuietComfort II earbuds deal: $80 off at AmazonConnecting Walt Whitman and Philip LevineYou Are on Display: An Interview with Morgan ParkerPriceline hotel deals, flight deals: Shop the Black Friday saleAn Elegy for “Stringbean” AkemanPortraits and Perennials: Art by Robert KushnerWednesday, February 15: Morgan Parker at BAM Privacy activists say online ad industry knowingly violated GDPR Why won't Samsung let us see its foldable phone? Millennial spending habits are being questioned (again) and the internet isn't here for it Anthony Hopkins' latest Twitter video might just bring a tear to your eye Twitter opens beta program to test new conversation features Ken Bone greets Snoop Dogg in his Reddit 'Bone Zone' Lyft rolls out its own version of Uber Express Pool called 'Shared Saver' Ariana Grande snags record last held by The Beatles with top 3 hits Advice for GOP defectors who just 'can't bring themselves to vote' for Hillary The UK government thinks it's time for Facebook to be regulated Funko is releasing 'The Office' figures since everyone still loves the show Honda will shut its car plant in the UK in 2022, report says Clown porn viewing has soared thanks to the creepy clown craze The Nike+ Apple Watch is coming October 28 This diner has turned Trump and Clinton into freakshakes The New York Times lawyers are not having any of Donald Trump's lawsuit threats Nest put a microphone in its security hub without informing customers Neptune's smallest moon Hippocamp may have been created by comets Michelle Obama is the savior of this horrible election Google will stop websites from blocking Incognito mode