Cybercriminals are turning AI malicious, while nation states like China and North Korea are using artificial intelligence for all kinds of digital attacks, Google warns.<\/p>\n
getty<\/p>\n
Over the last year, cybercriminals have been pushing AI to see how far it will go to help them break into company networks. On Monday, Google issued a warning: the tech has helped criminals successfully develop a powerful hacking tool known as a zero-day exploit for the first time. <\/p>\n
Zero-day exploits are small programs that target previously-unknown and unpatched vulnerabilities to install malware and access data on a target computer or network. That makes them a rare and potent commodity among hackers. Google security researchers found evidence hackers had developed such an exploit to target an unnamed open-source, web-based IT admin tool. A \u201cmass vulnerability exploitation operation\u201d was in the works, the tech giant said. It was able to stop the attack from happening by alerting the vendor of the IT tool.<\/p>\n
\u201cSome things that used to require months and years of experience … can be done almost instantaneously.\u201d\n<\/p>\n
Eyal Sela, director of threat intelligence at Gambit Security<\/p>\n
Google said there were a number of signs that artificial intelligence helped write the malicious code (though it couldn\u2019t tell which AI system was used). The code was structured in a way that was \u201chighly characteristic\u201d of AI, the report said, including a \u201ctextbook\u201d use of the Python language and \u201cdetailed help menus\u201d not typically seen in human-written programming. It also contained what appeared to be an AI hallucination, referencing a vulnerability that didn\u2019t exist.<\/p>\n
Google said it\u2019d also discovered hackers, including those working for Chinese and North Korean intelligence, using its Gemini AI chatbot to help research potential cyberattack targets. In one case, a Chinese-linked cybercrime group dubbed UNC2814<\/a> tricked Gemini by asking it to act like a network security expert. Then Gemini agreed to look for vulnerabilities in TP-Link routers (which have been banned in the U.S. for security reasons). <\/p>\n John Hultquist, chief analyst of the Google Threat Intelligence Group, said North Korea was \u201ca very early adopter of AI,\u201d moving from phishing to developing cyberattacks on company and government networks. \u201cIt\u2019s interesting because this is an area where they have typically not focused, preferring to do social engineering. It may indicate that they are using AI to evolve,\u201d Hultquist added.<\/p>\n Google\u2019s discovery of an AI zero-day exploit is the latest in a growing number of instances where hackers used AI as a kind of cybercriminal copilot or to carry out an attack in its entirety. <\/p>\n In May, Dragos Security, which protects critical infrastructure from cyberattacks, said hackers used Anthropic\u2019s Claude to try to target municipal water and drainage utility systems in Monterrey, Mexico, earlier this year.<\/p>\n Eyal Sela, who first documented those attacks, said Google\u2019s discovery of an AI-written zero-day showed how early adopters were benefitting from the wealth of new automated coding technology. Most worrying: even low-skilled hackers can use AI to carry out attacks using techniques they don\u2019t understand, Sela told Forbes.<\/p>\n \u201cThere are some things that used to require months and years of experience that can be done almost instantaneously,\u201d said Sela, director of threat intelligence at Gambit Security. \u201cThis is not an exaggeration.\u201d<\/p>\n MORE ON FORBESForbesMeet The $580 Million Startup Making AI Models To Fight Artificial HackersBy Thomas Brewster<\/a>ForbesU.S. Cyber Agency Doesn\u2019t Have Access To Advanced AI Hacking ToolsBy Thomas Brewster<\/a>ForbesAnthropic\u2019s Claude Is Pumping Out Vulnerable Code, Cyber Experts WarnBy Thomas Brewster<\/a>ForbesAnthropic Mythos And Embracing The AI \u2018Bugmageddon\u2019By Thomas Brewster<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"Cybercriminals are turning AI malicious, while nation states like China and North Korea are using artificial intelligence for…\n","protected":false},"author":2,"featured_media":35245,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[24,25,387,5969,22342,132,1429,6296,314,318,4343],"class_list":{"0":"post-35244","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-google","8":"tag-ai","9":"tag-artificial-intelligence","10":"tag-china","11":"tag-cyber","12":"tag-cybercriminal","13":"tag-google","14":"tag-google-ai","15":"tag-north-korea","16":"tag-security","17":"tag-vulnerabilities","18":"tag-zero-day"},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/posts\/35244","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/comments?post=35244"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/posts\/35244\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/media\/35245"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/media?parent=35244"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/categories?post=35244"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/tags?post=35244"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}