Microsoft says hackers from Russia, China, Iran, DPRK exploiting AI tools
Washington: Microsoft said on Wednesday that hacker groups allegedly linked to Russia, China, Iran and North Korea are exploiting its OpenAI tools to enhance their cyberoperations.
All four countries deny involvement in cyber attacks.
"In collaboration with OpenAI, we are sharing threat intelligence showing detected state-affiliated adversaries—tracked as Forest Blizzard, Emerald Sleet, Crimson Sandstorm, Charcoal Typhoon, and Salmon Typhoon— using LLMs [large language models] to augment cyberoperations," Microsoft said in a report.
The company alleged that Forest Blizzard is a "highly effective Russian military intelligence actor" linked to the Main Directorate of the General Staff of the Armed Forces.
"Its activities span a variety of sectors including defense, transportation/logistics, government, energy, NGOs, and information technology," the report stated.
North Korea's Emerald Sleet allegedly uses Artificial Intelligence to get expert opinions on North Korea. Content generation is likely to be used in phishing campaigns, the report said.
Crimson Sandstorm is an "Iranian threat actor" purportedly connected to the Islamic Revolutionary Guard Corps, according to Microsoft. "The use of LLMs has involved requests for support around social engineering, assistance in troubleshooting errors, .NET development, and ways in which an attacker might evade detection when on a compromised machine," the report said.
The company also identified two Chinese groups of concern.
Charcoal Typhoon, according to Microsoft, mostly focuses on tracking groups and individuals in Taiwan, Thailand, Mongolia, France, Nepal and globally who oppose Beijing's policies.
Another group, Salmon Typhoon, has been assessing the effectiveness of using LLMs throughout 2023 to source information on potentially sensitive topics, the report said.
"Our research with OpenAI has not identified significant attacks employing the LLMs we monitor closely," the report stated.
Microsoft reassured clients that the company has taken measures to disrupt assets and accounts associated with the alleged threat actors and shape the guardrails and safety mechanisms around its models.
(With UNI/SPUTNIK inputs)
IBNS
Senior Staff Reporter at Northeast Herald, covering news from Tripura and Northeast India.
Related Articles
US: National Guard member Sarah Beckstrom, who was shot by Afghan national Rahmanullah Lakanwal, dies, announces Trump
US President Donald Trump on Thursday announced that one of the National Guard members, who was shot by a gunman in Washington DC, close to the White House, has died.
Horror in Hong Kong: Deadly fire disaster leaves 94 dead and a city in shock
The death toll in the Hong Kong high-rise housing complex blaze, one of the deadliest recorded in the region in recent times, has touched 94, media reports said.
Gunfire near White House: Two National Guard soldiers shot as Afghan national suspect arrested
Two National Guard soldiers were critically injured on Wednesday after they were shot by a gunman, identified as an Afghan national, less than two blocks from the White House, authorities said.
Horror in Hong Kong: Death toll hits 44 as massive blaze continues, hundreds missing
The death toll from a massive fire that swept through residential apartments in Hong Kong’s Tai Po district has climbed to 44, with around 270 people still unaccounted for, authorities said on Thursday.
Latest News
Tripura aims to become national tourism hub; 4th 'Unity Promo Fest 2025' opens
Delhi air pollution worsenses, AQI deteriorates to 384; several NCR pockets in 'severe' category
US: National Guard member Sarah Beckstrom, who was shot by Afghan national Rahmanullah Lakanwal, dies, announces Trump
Horror in Hong Kong: Deadly fire disaster leaves 94 dead and a city in shock
