Tag: Iran | Page 2

Microsoft Discovers State-backed Hackers From China, Russia, and Iran Are Using OpenAI Tools for Honing Skills

February 17, 2024/in Computer Security

A new study from Microsoft and OpenAI has revealed that AI tools such as ChatGPT and other Large Language Models (LLM) are being used by several hacking groups from Russia, China, Iran, and North Korea to increase hacking productivity and fraud schemes, prompting the tech giant to ban its AI tools to all state-backed hacking groups.

The study, which was reportedly branded as the first time an AI company had disclosed cybersecurity concerns from threat actors using AI, discovered five threat actors, two of whom were linked to China and one each with Russia, Iran, and North Korea.

According to reports, most hacker groups employed LLMs or OpenAI technologies to create phishing emails, automate computer programming and coding skills, and comprehend various subjects. It has also been discovered that a small group of threat actors with ties to China employ LLMs for translation and improved target communication.

The study found that Charcoal Typhoon, a threat actor associated with China, utilized artificial intelligence (AI) to facilitate communication and translation with targeted individuals or organizations, comprehend particular technologies, optimize program scripting techniques for automation, and simplify operational commands.

OpenAI Holds Its First Developer Conference

(Photo : Justin Sullivan/Getty Images)
SAN FRANCISCO, CALIFORNIA – NOVEMBER 06: Microsoft CEO Satya Nadella speaks during the OpenAI DevDay event on November 06, 2023 in San Francisco, California. OpenAI CEO Sam Altman delivered the keynote address at the first ever Open AI DevDay conference.

Salmon Typhoon, another threat actor with ties to China, is allegedly utilizing AI to translate technical papers and computing jargon, find coding mistakes, write harmful code, and better grasp various subjects related to public domain research.

It was also discovered that the Russian state-sponsored hacker collective Forest Blizzard employed LLMs to learn more about specific satellite capabilities and scripting methods for complex computer programs. According to reports, the group has claimed victims who are essential to the Russian government, such as groups involved in the conflict between Russia and…

Source…

Microsoft reveals how Iran, North Korea, China, and Russia are using AI for cyber war

February 14, 2024/in Internet Security

Microsoft has revealed that US adversaries — primarily Iran and North Korea, with lesser involvement from Russia and China —- are increasingly employing generative artificial intelligence (AI) for mounting offensive cyber operations. These adversaries have begun leveraging AI technology to orchestrate attacks, and Microsoft, in collaboration with business partner ChatGPT maker OpenAI, has detected and thwarted these threats.

In a blog post, the Redmond-based company emphasized that while these techniques were still in their “early-stage,” they were neither “particularly novel nor unique.” Nevertheless, Microsoft deemed it crucial to publicly expose them. As US rivals harness large-language models to expand their network-breaching capabilities and conduct influence operations, transparency becomes essential.

For years, cybersecurity firms have utilized machine learning for defense, primarily to identify anomalous behavior within networks. However, malicious actors—both criminals and offensive hackers—have also embraced this technology. The introduction of large-language models, exemplified by OpenAI’s ChatGPT, has elevated the game of cat-and-mouse in the cybersecurity landscape.

Microsoft’s substantial investment in OpenAI aligns with its commitment to advancing AI research. The announcement coincided with the release of a report highlighting the potential impact of generative AI on malicious social engineering. As we approach a year with over 50 countries conducting elections, the threat of disinformation looms large, exacerbated by the sophistication of deepfakes and voice cloning.

Here are specific examples that Microsoft provided. The company said that it has disabled generative AI accounts and assets associated with named groups:

North Korea: The North Korean cyberespionage group known as Kimsuky has used the models to research foreign think tanks that study the country, and to generate content likely to be used in spear-phishing hacking campaigns.

Iran: Iran’s Revolutionary Guard has used large-language models to assist in social engineering, in troubleshooting software errors, and even in studying how intruders might evade detection in a compromised network….

Source…

North Korea and Iran using AI for hacking, Microsoft says | Hacking

February 14, 2024/in Computer Security

US adversaries – chiefly Iran and North Korea, and to a lesser extent Russia and China – are beginning to use generative artificial intelligence to mount or organize offensive cyber operations, Microsoft said on Wednesday.

Microsoft said it detected and disrupted, in collaboration with business partner OpenAI, many threats that used or attempted to exploit AI technology they had developed.

In a blogpost, the company said the techniques were “early-stage” and neither “particularly novel or unique” but that it was important to expose them publicly as US rivals leveraging large-language models to expand their ability to breach networks and conduct influence operations.

Cybersecurity firms have long used machine-learning on defense, principally to detect anomalous behavior in networks. But criminals and offensive hackers use it as well, and the introduction of large-language models led by OpenAI’s ChatGPT upped that game of cat-and-mouse.

Microsoft has invested billions of dollars in OpenAI, and Wednesday’s announcement coincided with its release of a report noting that generative AI is expected to enhance malicious social engineering, leading to more sophisticated deepfakes and voice cloning. A threat to democracy in a year where over 50 countries will conduct elections, magnifying disinformation and already occurring,

Microsoft provided some examples. In each case it said all generative AI accounts and assets of the named groups were disabled:

The North Korean cyber-espionage group known as Kimsuky has used the models to research foreign thinktanks that study the country, and to generate content likely to be used in spear-phishing hacking campaigns.

Iran’s Revolutionary Guard has used large-language models to assist in social engineering, in troubleshooting software errors and even in studying how intruders might evade detection in a compromised network. That includes generating phishing emails “including one pretending to come from an international development agency and another attempting to lure prominent feminists to an attacker-built website on feminism”. The AI helps accelerate and boost the email production.

The Russian GRU military intelligence unit known…

Source…

The internet in Iran among the worst worldwide for connectivity

January 18, 2024/in Internet Security

The internet in Iran is among the worst worldwide and the cause might be the government’s censorship boost.

Blocked websites, daily disruptions, slower speeds, and filtering saturation of IP addresses—that’s the grim scenario depicted by the Tehran Electronic Commerce Association (TECA).

In a report by the TECA (source in Farsi), experts blame the President and Iranian officials’ lack of knowledge for this “self-inflicted” situation. Iran is leading the way for internet disruptions around the world forcing citizens to turn en masse to VPN services and other circumventing tools to keep accessing crucial information online.

Leader in internet restrictions

Commenting on the findings, Information Security Analyst at Citizen Lab Azam Jangravi told me: “Iran has one of the most restrictive internet environments in the world, blocking access to many popular websites and social media platforms, as well as surveilling and filtering online content.”

As the investigation carried on by the Tehran Electronic Commerce Association—an independent body that monitors and evaluates the internet situation in Iran—reveals, nearly half of all websites in Iran experienced some form of interruptions in the past nine months.

Experts also recorded daily internet outages, especially “occurring between 5pm and 11pm.” These appear to be a by-product of new filtering equipment within the domestic network, which causes functional disruptions and processor saturation.

Did you know?

World map with digital data showing economic recession — (Image credit: Getty Images)

Iran’s economy suffered more than $1.7 billion USD of GDP (Gross Domestic Product) loss due to internet shutdowns and over $470 million USD from service blocking in 2023, according to NetLoss‘ calculations.

All this places Iran among the worst 50 countries for internet quality, alongside some of the poorest and underdeveloped nations. Yet, in Iran’s case, the government is to blame, experts said, as “these conditions are self-inflicted.”

The report alleges that, due to a lack of technical understanding, Iranian officials might impose indiscriminate censorship on the IP level without providing clear reasons for it.

Not just website blocking and bandwidth throttling, Iran’s authorities have been increasingly…

Source…

Tag Archive for: Iran

(Photo : Justin Sullivan/Getty Images)SAN FRANCISCO, CALIFORNIA – NOVEMBER 06: Microsoft CEO Satya Nadella speaks during the OpenAI DevDay event on November 06, 2023 in San Francisco, California. OpenAI CEO Sam Altman delivered the keynote address at the first ever Open AI DevDay conference.

(Photo : Justin Sullivan/Getty Images)
SAN FRANCISCO, CALIFORNIA – NOVEMBER 06: Microsoft CEO Satya Nadella speaks during the OpenAI DevDay event on November 06, 2023 in San Francisco, California. OpenAI CEO Sam Altman delivered the keynote address at the first ever Open AI DevDay conference.