OpenAI has announced it has recently disrupted five state-affiliated malicious actors who sought to exploit AI services for malicious cyber activities. In collaboration with Microsoft Threat Intelligence, OpenAI identified and terminated accounts associated with these threat actors, demonstrating the company's commitment to promoting the safe and responsible use of AI technology.
The state-affiliated malicious actors disrupted by OpenAI include Crimson Sandstorm, Emerald Sleet and Forest Blizzard.
These actors attempted to use OpenAI's services for various malicious purposes, such as querying open-source information, translating, finding coding errors, and running basic coding tasks. Their activities ranged from researching companies and cybersecurity tools to generating content for phishing campaigns and identifying vulnerabilities.
OpenAI's findings, consistent with previous red team assessments conducted in partnership with external cybersecurity experts, indicate that their current AI models offer only limited, incremental capabilities for malicious cybersecurity tasks beyond what is already achievable with publicly available, non-AI-powered tools. However, the company acknowledges the importance of staying ahead of evolving threats and has implemented a multi-pronged approach to combat the misuse of their platform by malicious state-affiliated actors.
OpenAI's Multi-Pronged Approach to AI Safety:
1. Monitoring and Disrupting Malicious State-Affiliated Actors: OpenAI invests in technology and teams to identify and disrupt sophisticated threat actors' activities. Upon detection, the company takes appropriate action, such as disabling accounts, terminating services, or limiting access to resources.
2. Collaborating with the AI Ecosystem: OpenAI works closely with industry partners and stakeholders to exchange information about the detected use of AI by malicious state-affiliated actors, promoting collective responses to ecosystem-wide risks through information sharing.
3. Iterating on Safety Mitigations: The company leverages lessons learned from real-world misuse to inform their iterative approach to safety, continuously evolving their safeguards to address potential future threats.
4. Public Transparency: OpenAI is committed to informing the public and stakeholders about the nature and extent of malicious state-affiliated actors' use of AI within their systems and the measures taken against them, fostering greater awareness and preparedness among all stakeholders.
OpenAI aims to make it more difficult for malicious actors to remain undetected across the digital ecosystem.