Artificial Intelligence & Machine Learning , Next-Generation Technologies & Secure Development , The Future of AI & Cybersecurity
GenAI Impact on Election Disinformation Limited, Says OpenAI
OpenAI Says it Disrupted 20 Operations Attempting to Meddle in ElectionForeign threat actors are using generative AI to influence U.S. elections, but their impact is limited, according to OpenAI.
See Also: Palo Alto Networks, Google Partner on New AI Initiative
In a report released Wednesday, the AI giant said it has this year disrupted more than 20 operations and networks attempting to use its gen AI tools to meddle in elections.
Threat actors from China, Russia, Iran, Rwanda and Vietnam maliciously used AI tools to support influence operations by analyzing and generating social media content, writing fake articles for websites as well as for coding assistance and debugging malware.
There is no "evidence of this leading to meaningful breakthroughs in their ability to create substantially new malware or build viral audiences," said OpenAI principal investigator Ben Nimmo and technical staff member Michael Flossman.
The company has reported several of the findings in its past reports too, including one in May that described generative AI use by Russia and Iranian governments to target American voters online.
The disclosure comes months after OpenAI said it banned accounts linked to Storm-2035, an Iranian covert influence operation, which used ChatGPT to generate content related to the U.S. presidential election.
A threat group linked to China tracked as "SweetSpecter" used OpenAI's tools to generate spear-phishing emails targeting OpenAI staff, with the bad actor pretending to be a ChatGPT user requesting support. The hackers attached a malicious .zip file named "Some Problems" containing a remote access Trojan that would have enabled the attacker to control compromised devices.
The threat group used the same network infrastructure to ask ChatGPT questions on finding versions of software still vulnerable to Log4Shell and ways to social engineer government staffers, along with seeking its help to complete scripting and vulnerability research tasks (see: Log4Shell Among Chinese Hackers' Fave Vulns, Say Feds).
The report said that Iranian-linked group CyberAv3ngers used ChatGPT to decipher common default username and password combinations for programmable logic controllers, which are used in critical infrastructure sectors to operate machinery and other equipment (see: Internet-Exposed Water PLCs Are Easy Targets for Iran).
The use of gen AI in these operations appears more complementary than disruptive - for example, a Russian influence operation used Dall-E to create images that would make its influence messages more attractive.
OpenAI said it is developing tools that will help make detection and analysis of potentially harmful activity quicker. "These tools have allowed us to compress some of the analytical steps we take from days down to minutes, and some of the operations that we disrupted in the past couple of months were discovered thanks to our use of AI," Nimmo said.