In February, OpenAI, the organization behind ChatGPT, announced a collaboration with Microsoft to disrupt five state-sponsored actors who were attempting to use AI services to support malicious cyber activities.
Moving into May, Deloitte described how AI is being utilized for sophisticated cyber attacks.
By November, Microsoft released a video discussion recorded in early 2024 highlighting the significant role that AI already plays in cyber threats.
Also in November, ConnectWise published a blog post on how malicious actors are utilizing AI.
The current use of AI by attackers allows for faster and more extensive movement, rather than enabling disruptive changes, according to a Google report. “For experienced actors, generative AI tools provide a helpful framework, similar to the use of Metasploit or Cobalt Strike in cyber threat activities,” stated the report.
For less experienced actors, these tools serve as a learning and productivity tool that enables them to develop tools more quickly and integrate existing techniques. The report also noted that while current Large Language Models (LLMs) alone are unlikely to enable groundbreaking capabilities for threat actors, the AI landscape is constantly evolving with new models and agent systems emerging daily.
As this evolution unfolds, Google anticipates that the threat landscape will continue to evolve as threat actors incorporate new AI technologies into their operations. In summary, AI can be a useful tool for threat actors, but it is not yet the game-changer it is sometimes portrayed to be.
“While generative AI can be used by threat actors to accelerate and amplify attacks, they are still not able to utilize AI to develop new capabilities,” emphasized Kent Walker, President of Global Affairs at Google’s parent company Alphabet, in a blog post. “In other words, defenders are still ahead – for now.”