Microsoft says hackers from Russia, China, Iran, DPRK exploiting AI tools
Washington: Microsoft said on Wednesday that hacker groups allegedly linked to Russia, China, Iran and North Korea are exploiting its OpenAI tools to enhance their cyberoperations.
All four countries deny involvement in cyber attacks.
"In collaboration with OpenAI, we are sharing threat intelligence showing detected state-affiliated adversaries—tracked as Forest Blizzard, Emerald Sleet, Crimson Sandstorm, Charcoal Typhoon, and Salmon Typhoon—using LLMs [large language models] to augment cyberoperations," Microsoft said in a report.
The company alleged that Forest Blizzard is a "highly effective Russian military intelligence actor" linked to the Main Directorate of the General Staff of the Armed Forces.
"Its activities span a variety of sectors including defense, transportation/logistics, government, energy, NGOs, and information technology," the report stated.
North Korea's Emerald Sleet allegedly uses artificial intelligence to get expert opinions on North Korea. Content generation is likely to be used in phishing campaigns, the report said.
Crimson Sandstorm is an "Iranian threat actor" purportedly connected to the Islamic Revolutionary Guard Corps, according to Microsoft. "The use of LLMs has involved requests for support around social engineering, assistance in troubleshooting errors, .NET development, and ways in which an attacker might evade detection when on a compromised machine," the report said.
The company also identified two Chinese groups of concern.
Charcoal Typhoon, according to Microsoft, mostly focuses on tracking groups and individuals in Taiwan, Thailand, Mongolia, France, Nepal and globally who oppose Beijing's policies.
Another group, Salmon Typhoon, has been assessing the effectiveness of using LLMs throughout 2023 to source information on potentially sensitive topics, the report said.
"Our research with OpenAI has not identified significant attacks employing the LLMs we monitor closely," the report stated.
Microsoft reassured clients that the company has taken measures to disrupt assets and accounts associated with the alleged threat actors and shape the guardrails and safety mechanisms around its models.
(With UNI/SPUTNIK inputs)
IBNS
Senior Staff Reporter at Northeast Herald, covering news from Tripura and Northeast India.
