14 February 2025

It Didn’t Take Long – AI Leveraged to Support State Interests

Emilio Iasiello

According to a recent report by Google, the company observed more than 50 threat actors tied to China, Iran, North Korea, and Russia using artificial intelligence (AI) technology powered by Google’s Gemini to facilitate their nefarious cyber and information-enabled operations. These actors leveraged the technology to support different phases of the cyber attack cycle, with activities ranging from malicious coding and payload development to information collection against targets, vulnerability research, and helping threat actors evade detection after compromising a victim. Despite the worrisome aspects of these revelations, Google noted that many of these activities were still in experimentation mode, with the actors not developing new capabilities. It appears that threat actors are still figuring out ways to maximize generative AI to their benefit, as most of the incidents related in the report revealed how generative AI facilitates faster, more efficient operations rather than focusing on pure disruption. While this may offer temporary relief, this will undoubtedly change soon.

Per its report, Google observed Chinese threat actors using Gemini for target research and reconnaissance; vulnerability research; scripting and development; and translation and explanation. Particularly significant was that Chinese threat actors used Gemini to “work through scripting and development tasks,” with the intent to facilitate more robust access into a victim network. Given China’s longstanding history of cyber espionage, and now its interest in gaining and sustaining access into critical infrastructure networks, it appears that these actors are turning to generative AI to glean solutions to challenges they may have encountered in the past. While some attempts were unsuccessful (e.g., reverse engineering an endpoint solution of a well-known vendor), they do reveal that the actors are looking to exploit generative AI capabilities in a variety of ways, new territory that is eagerly being explored.
