Ani Petrosyan
Research expert for cybersecurity and cybercrime
ChatGPT and cybercrime - Statistics & Facts
ChatGPT – friend and foe. Ever since the artificial intelligence research lab OpenAI introduced the chatbot software ChatGPT in November 2022, there have been concerns about its possible misuse. The main discussions are around the ethical issues of its usage in academia, issues of cyber security, and the possible replacement of employees in certain areas with ChatGPT. Despite concerns, the tool gained immense popularity, with over ten percent of Americans stating to have used it within just two months after its first release. The tool is mainly used by individuals between 18 and 44 years old.
The use of artificial intelligence for malicious purposes is a concern for governments, organizations, and internet users, but the latest innovations are also employed in the realm of cybersecurity.
Possible usage of ChatGPT in cybercrime
With advantages that attract many users worldwide, ChatGPT’s sophisticated capabilities are not always used in good faith as the tool cannot fully identify user requests that contain malicious intent. Although the software has content filters in place that attempt to prevent its misuse, bypassing these filters by applying certain techniques is not difficult. For instance, in the event that the tool declines to generate a text for a phishing email upon direct request, the user may still request it by describing it as desired knowledge for a different life circumstance, such as writing a movie script on the subject rather than a genuine attempt at a phishing attack.Alongside the rise of generative AI, malicious alternatives to ChatGPT have emerged. Large language models (LLMs) like FraudGPT and WormGPT are paid services offering malware development, malicious code writing, and vulnerability locating.Corporate data exposure on ChatGPT
Despite most companies releasing instructions on the proper usage of ChatGPT or prohibiting its use in the workplace, there are still numerous cases of exposure of highly sensitive corporate content on ChatGPT. To present a better performance at the workplace, many employees worldwide have started to use ChatGPT as it suggests shortcut solutions for various tasks. However, improper use of the tool can sometimes lead to the exposure of confident corporate data by employees. When using the paid version of the service, users often think the data they share remains confidential. However, the shared data becomes general knowledge of ChatGPT. Research found that as of June 2023, over 10 percent of responding employees worldwide had used ChatGPT at least once in the workplace, and around five percent had entered confidential corporate data into ChatGPT. The most commonly exposed type of corporate data was the sensitive data intended for internal use only.The use of artificial intelligence for malicious purposes is a concern for governments, organizations, and internet users, but the latest innovations are also employed in the realm of cybersecurity.
Ani Petrosyan
,
Mar 27, 2024
Ani Petrosyan
Research expert for cybersecurity and cybercrime
