Security News > 2024 > February > How are state-sponsored threat actors leveraging AI?

Microsoft and OpenAI have identified attempts by various state-affiliated threat actors to use large language models to enhance their cyber operations.

Just as defenders do, threat actors are leveraging AI to boost their efficiency and continue to explore all the possibilities these technologies can offer.

North Korean threat actor Emerald Sleet - to research into think tanks and experts on North Korea, generate content to be used in spear-phishing campaigns, understand publicly known vulnerabilities, troubleshoot technical issues, and help them use different web technologies.

Chinese state-affiliated threat actor Charcoal Typhoon - to develop tools, generate and refine scripts, understand technologies, platforms, and vulnerabilities, and create content used for social engineering.

"At the same time, we feel this is important research to publish to expose early-stage, incremental moves that we observe well-known threat actors attempting, and share information on how we are blocking and countering them with the defender community."

During their investigation, they disabled all accounts and assets associated with the various threat actors.

News URL

https://www.helpnetsecurity.com/2024/02/14/threat-actors-llms/