OpenAI and Microsoft join forces to thwart state-linked cyberattacks

While OpenAI and Microsoft effectively prevented these occurrences, they acknowledged the challenge of avoiding every cyberattack.

OpenAI, the developer behind ChatGPT, has collaborated with its top investor, Microsoft, to prevent five cyberattacks linked to different states.

According to a report released on Wednesday, Microsoft monitored hacking groups linked to Russian military intelligence, Iran’s Revolutionary Guard, and the Chinese and North Korean governments as they aimed to refine their hacking strategies using large language models (LLMs).

LLMs are computer programs — commonly referred to as artificial intelligence (AI) — that utilize vast text data sets to create responses that sound human-like.

We disrupted five state-affiliated malicious cyber actors’ use of our platform.

Work done in collaboration with Microsoft Threat Intelligence Center. https://t.co/xpEeQDYjrQ

— OpenAI (@OpenAI) February 14, 2024

OpenAI reported that the cyberattacks originated from two groups associated with China — Charcoal Typhoon and Salmon Typhoon. Additionally, attacks were linked to Iran through Crimson Sandstorm, North Korea through Emerald Sleet, and Russia through Forest Blizzard.

The groups tried to employ GPT-4 for researching company and cybersecurity tools, debugging code, generating scripts, conducting phishing campaigns, translating technical papers, evading malware detection, and studying satellite communication and radar technology, according to OpenAI. The accounts were deactivated upon detection.

The company revealed the discovery while implementing a blanket ban on state-backed hacking groups utilizing AI products. While OpenAI effectively prevented these occurrences, it acknowledged the challenge of avoiding every misuse.

Related: OpenAI gives ChatGPT a memory: No more goldfish brain?

Following a surge of AI-generated deepfakes and scams after the launch of ChatGPT, policymakers stepped up scrutiny of generative AI developers. In June 2023, OpenAI announced a $1 million cybersecurity grant program to enhance and measure the impact of AI-driven cybersecurity technologies.

Despite OpenAI’s efforts in cybersecurity and implementing safeguards to prevent ChatGPT from generating harmful or inappropriate responses, hackers have found methods to bypass these measures and manipulate the chatbot to produce such content.

More than 200 entities, including OpenAI, Microsoft, Anthropic, and Google, recently collaborated with the Biden Administration to establish the AI Safety Institute and U.S. AI Safety Institute Consortium (AISIC). The goal is to promote the safe development of artificial intelligence, combat AI-generated deepfakes, and address cybersecurity issues.

This development follows the creation of the U.S. AI Safety Institute (USAISI), which was established as a result of President Joe Biden’s executive order on AI safety in late October 2023.