OpenAI has shut down five accounts that were allegedly being used by government agents from China, Iran, Russia, and North Korea. According to OpenAI, these accounts were being used to generate phishing emails, write malicious software scripts, and conduct research on evading malware detection. The company, backed by Microsoft, worked with its sponsor to identify and deactivate the accounts. The terminated accounts include two China-affiliated threat actors known as Charcoal Typhoon and Salmon Typhoon, Iran-affiliated Crimson Sandstorm, North Korea-affiliated Emerald Sleet, and Russia-affiliated Forest Blizzard. OpenAI clarified that its models have limited capabilities for conducting malicious cybersecurity tasks and that they make efforts to prevent misuse through filtering requests. Microsoft’s Threat Intelligence team also provided its analysis of the activities carried out by these accounts. Chinese threat actors used OpenAI’s models to research specific companies and intelligence agencies, while Iranian actors sought to evade malware detection and develop phishing attacks. North Korean actors used the AI lab to find information on defense issues and public vulnerabilities, and Russian actors researched open source satellite and radar imaging technology. OpenAI previously downplayed the ability of its models to aid attackers, stating that they perform poorly at crafting exploits for known vulnerabilities.
OpenAI halts nation-state cyber-crews; accounts turned off
Latest from News
CISA alert: Watch your credentials in FY23 risk assessment
TLDR: CISA warns about the risk of credential access in FY23 risk & vulnerability assessment IBM’s X-Force Threat Intelligence Index 2024 also identifies credential
Stay safe online AARP Virginia Fraud Alert: Cyber Security Awareness
TLDR: Key Points: October is National Cybersecurity Awareness Month Important tips to stay safe online include using strong passwords, enabling multi-factor authentication, updating software,
Aussie Cyber Pros Reveal Rising Stress Levels
TLDR: Australian cybersecurity professionals are facing increased job stress due to a complex threat landscape, low budgets, and hiring challenges. The industry prefers candidates
Proxy statements: Boards’ AI and cyber-security oversight, forecasting ahead
TLDR: Proxy statements have evolved from compliance documents to key tools for communicating with shareholders. Ron Schneider from Donnelley Financial Solutions discusses best practices
Businesses taking action against cyber threats: PwC shows readiness
TLDR: Organisations are taking action towards cyber resilience, with 77% expecting their cyber budget to increase over the coming year. PwC’s survey highlighted that