76
Threat Actors Exploring Large Language Models for Cyberattacks, Microsoft and OpenAI Report (www.microsoft.com)
submitted 7 months ago by [email protected] to c/[email protected]
9 comments fedilink hide all child comments

Summary

This research, conducted by Microsoft and OpenAI, focuses on how nation-state actors and cybercriminals are using large language models (LLMs) in their attacks.

Key findings:

  • Threat actors are exploring LLMs for various tasks: gathering intelligence, developing tools, creating phishing emails, evading detection, and social engineering.
  • No major attacks using LLMs were observed: However, early-stage attempts suggest potential future threats.
  • Several nation-state actors were identified using LLMs: Including Russia, North Korea, Iran, and China.
  • Microsoft and OpenAI are taking action: Disabling accounts associated with malicious activity and improving LLM safeguards.

Specific examples:

  • Russia (Forest Blizzard): Used LLMs to research satellite and radar technologies, and for basic scripting tasks.
  • North Korea (Emerald Sleet): Used LLMs for research on experts and think tanks related to North Korea, phishing email content, and understanding vulnerabilities.
  • Iran (Crimson Sandstorm): Used LLMs for social engineering emails, code snippets, and evading detection techniques.
  • China (Charcoal Typhoon): Used LLMs for tool development, scripting, social engineering, and understanding cybersecurity tools.
  • China (Salmon Typhoon): Used LLMs for exploratory information gathering on various topics, including intelligence agencies, individuals, and cybersecurity matters.

Additional points:

  • The research identified eight LLM-themed TTPs (Tactics, Techniques, and Procedures) for the MITRE ATT&CK® framework to track malicious LLM use.
top 9 comments
sorted by: hot top controversial new old
[-] [email protected] 10 points 7 months ago* (last edited 7 months ago)

I assume they mean threat actors besides Microsoft and OpenAI?

[-] [email protected] -1 points 7 months ago

Are you saying that Microsoft shouldn’t pour a ton of money into valuable threat research? Are you also suggesting that they shouldn’t have poured billions into security (independently from OS level) in the last 6 years? Or are you suggesting they should exit the security industry completely so for example CrowdStrike can be the undisputed EDR leader that no one can challenge and as such no need to improve due to the lack of competition that the likes of CB or SentinelOne can’t put up?

When you stopped being edgy just pick one for me please.

For the rest of you, whatever you think of MSFT, I’d rather they continue pouring billions into security research. Because even if it’s coming from them, it matters….

[-] [email protected] 2 points 7 months ago

I mean, yea okay, but most of those use cases are exactly what everyone else is using them for so far.

[-] [email protected] -3 points 7 months ago

And thats why you dont produce tools that are not needed and cause harm, MicroShit

[-] [email protected] 0 points 7 months ago

I am baffled that you appear to be attacking Microsoft over this. They're doing research to counter bad actors here.

[-] [email protected] 7 points 7 months ago

They are funding and forcefully pushing that tool to Windows. And now they want to "protect" against "threat actors".

Dont believe a word that comes out of Big Tech PR departments.

[-] [email protected] 0 points 7 months ago

You think Microsoft is the only organization capable of producing these tools? They weren't even the first.

[-] [email protected] 1 points 7 months ago

That is true. Still, huge big tech companies are the biggest threat actors

[-] [email protected] 2 points 7 months ago* (last edited 7 months ago)

They’re doing research to counter bad actors here

"Bad actors" as defined by the US gov't, of course. Home of the "brave" that bombs the shit out of everyone they dislike using unmanned drones, and currently supports a ongoing genocide happening right now in the middle east. Literally the paradise of freedom and justice on Earth.

this post was submitted on 19 Feb 2024
76 points (96.3% liked)

Technology

58133 readers
4724 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]