Foreign hackers actively use AI technologies to increase the efficiency of cyber attacks on goals around the world, including the United States. According to data google, dozens of hacker groups in more than 20 countries over the past year resorted to the help of the gemini chatbot when writing malicious code, finding vulnerability and collecting information about potential victims of attacks.
Specialists for the first time reveal in detail how exactly foreign opponents use generative AI in their operations. Until now, warnings of Western analysts about possible threats have remained theoretical. It turned out that groups associated with China, Iran and North Korea used Gemini as an auxiliary tool to increase productivity, and not to create fundamentally new hacking methods.
Google states that AI is not yet a universal solution for attackers, but allows them to act faster and more efficiently. Last year, Openai also recorded the activity of five foreign hacker groups using ChatGPT and blocked their accounts.
Among the most active countries using Gemini were China and Iran. More than 20 Chinese and 10 Iranian groups used a chatbot for intelligence, developing phishing attacks and studying hidden penetration methods on the network. Iranian hackers used Gemini for analysis defense companies and creating content in English, Ivrit and Ivrit Farsi. Chinese groups focused on studying the methods of secretive data extraction and increasing privileges inside hacking systems.
North Korean hackers used AI to compile false resumes and accompanying letters to introduce their agents into Western companies and finance the DPRK nuclear program.
Against the backdrop of these threats, Google urged the United States to strengthen export restrictions on advanced chips and simplify the purchase of AI services for national defense. Google emphasized that America’s leadership in the field of AI will be at risk if the government does not take urgent measures.