Of all the potential nightmares about the dangerous effects of generative AI (genAI) tools like OpenAI’s ChatGPT and Microsoft’s Copilot, one is near the top of the list: their use by hackers to craft hard-to-detect malicious code. Even worse is the fear that genAI could help rogue states like Russia, Iran, and North Korea unleash unstoppable cyberattacks against the US and its allies. The bad news: nation states have already begun using genAI to attack the US and its friends. The good news: so far, the attacks haven’t been particularly dangerous or especially effective. Even better news: Microsoft and OpenAI are taking the threat seriously. They’re being transparent about it, openly describing the attacks and sharing what can be done about them. That said, AI-aided hacking is still in its infancy. And even if genAI is never able to write sophisticated malware, it can be used to make existing hacking techniques far more effective — especially social engineering ones like spear phishing and the theft of passwords and identities to break into even the most hardened systems. Microsoft and OpenAI recently revealed a spate of genAI-created attacks and detailed how the companies have been fighting them. (The attacks were based on OpenAI’s ChatGPT, which is also the basis for Microsoft’s Copilot; Microsoft has invested $13 billion in OpenAI.) OpenAI explained in a blog post that the company has disrupted hacking attempts from five “state-affiliated malicious actors” — Charcoal Typhoon and Salmon Typhoon, connected to China; Crimson Sandstorm, connected to Iran; Emerald Sleet, connected to North Korea; and Forest Blizzard, connected to Russia.

Full opinion : Microsoft, OpenAI move to fend off genAI-aided hackers — for now.