Estimated reading time: 1 minute, 42 seconds

Is ChatGPT A Cybersecurity Boon Or a Bane?   Featured

Ever since the web-based chatbot ChatGPT was launched in November by artificial intelligence research and development company OpenAI, the cybersecurity community has been debating the tool’s pros and cons.

phishing 3390518 640 smallAs TechCrunch reports, Israeli cybersecurity company Check Point showed early on that the natural language processing tool could be used alongside OpenAI’s code-writing platform Codex to draft up malware-capable phishing emails. Check Point threat intelligence group manager Sergey Shykevich told the news site that ChatGPT has the “potential to significantly alter the cyber threat landscape.”

Numerous security experts said that cybercriminals will adopt ChatGPT because it can create phishing emails that seem genuine. Phishing remains the No. 1 attack vector for ransomware. Threat actors who aren’t native English speakers could especially see a benefit. Suleyman Ozarslan, a security researcher and the co-founder of Picus Security, told TechCrunch that ChatGPT will “democratize cybercrime.”

However, Laura Kankaala, F-Secure’s threat intelligence lead, is quoted as saying that cybersecurity pros can find uses for ChatGPT, too. The tool could help simulate cyberattacks or automate certain attacks, she said. ESET’s Jake Moore even told TechCrunch that “if ChatGPT learns enough from its input, it may soon be able to analyze potential attacks on the fly and create positive suggestions to enhance security.”

Indeed, as HelpNetSecurity reports, information security teams can look to ChatGPT as “an all-around assistant.” Security operation teams may particularly find the chatbot useful in​​ scripting, malware analysis and forensics.

Still, as Dark Reading reports, ChatGPT’s ability to reply realistically to content queries could be useful for threat actors using the attack method known as business email compromise. The tool could potentially make it more difficult for organizations to detect BEC attacks, where cybercriminals send a deceptive email that fools a recipient into giving them the data they seek.

In the end, as Computer Weekly reports, threat actors will use AI in their attacks, and organizations must be prepared to defend against it. That could include using tools like ChatGPT in protecting code, educating users or learning more about a threat.

Read 1198 times
Rate this item
(0 votes)

Visit other PMG Sites:

PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.