Cybersecurity News that Matters

Cybersecurity News that Matters

North Korea uses OpenAI tools for cyber offense tasks

by Hongeun Im

Feb. 16, 2024
11:46 AM GMT+9

On Wednesday, Microsoft and OpenAI, companies partnered in the field of artificial intelligence (AI) technologies, disclosed that Kimsuky, a hacking group based in North Korea, has utilized OpenAI’s large language models (LLMs) to aid in their hacking activities.

The group leveraged OpenAI’s technologies to generate content for spear phishing campaigns, which aim to target specific individuals or organizations to extract confidential information. Specifically, they composed emails that impersonated officials from well-known educational institutions and non-governmental organizations (NGOs), soliciting opinions on international policies concerning North Korea.

According to research conducted by the two companies, there have been no confirmed instances where AI technology was directly utilized in hacking incidents. Instead, Kimsuky employed the technology for identifying pre-existing vulnerabilities, obtaining help in repairing web technologies, and scripting simple tasks, such as detecting user activities on a system.

Hacking groups from China, Russia, and Iran were also identified as malevolent entities utilizing OpenAI’s large language models (LLMs) to support their cyber offensive operations. These groups commonly used the technology for activities such as reconnaissance, coding assistance, and leveraging native languages in their operations. Microsoft further stated that it has disabled all accounts associated with these four hacking groups.

The measures taken by Microsoft and OpenAI align with the White House’s executive order issued last October, which mandates the development of “standards, tools, and tests to ensure that AI systems are safe, secure, and trustworthy.” This directive emphasizes the need for companies to ensure that AI technologies do not pose a threat to cybersecurity.

Subscription

Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

  • Hongeun Im
    : Author

    Hongeun Im is a reporting intern for The Readable. Motivated by her aspirations in cybersecurity and aided by the language skills she honed while living in the United Kingdom, Im aims to write about s...

    View all posts
Editor:
Designer:
Stay Ahead with The Readable's Cybersecurity Insights