New gov't cybersecurity strategy rolls out amid AI buzz, concerns it could be abused by criminals
Some of the tools can accomplish "in less than a minute" what had taken days.
The Biden administration is moving to implement a new national security strategy focused on stopping hackers, as buzz around artificial intelligence tools raises concern among some experts that criminals may try to exploit AI capabilities.
One aim of the administration strategy is to shift the focus of blame away from the victims of cybercrime, U.S. security officials said. After-the-fact assessments often focus on the target for being vulnerable enough to hack -- but if that target is a rural hospital, for example, limitations might exists on what that hospital can do to protect against bad actors, especially those backed by foreign governments.
Instead, the new plan focuses on strengthening the public-private partnerships that encourage security firms to share what they know about hacker networks in order to bring them to justice.
Emerging technology will test the viability of the strategy going forward, experts told ABC News, especially with AI posing new security challenges.
The same advantages seen in AI tools like ChatGPT from research lab OpenAI, which formulates human-like responses to questions posed by a user, are vulnerable to nefarious use, according to Ari Jacoby, a tech executive who has focused on using AI to fight fraud.
Given the volumes of publicly available information on software engineering, hackers could use the chat bots to generate or enhance malicious computer code, Jacoby said.
According to OpenAI's user policy, using ChatGPT to write malware, generate hateful or harmful content or engage in fraudulent activity is explicitly prohibited. The question is whether tech firms are capable of enforcing such rules as AI technology spreads.
"The ChatGPTs of the world -- who do way more good than harm -- make available tools that can write software code in less than a minute that would have taken a bad actor or a bad network potentially days or weeks to run," Jacoby said.
Instead of using ChatGPT to source ideas for recipes or write basic work emails, bad actors could attempt to write large volumes of phishing emails that trick recipients into downloading malware or giving up personal financial information.
Alternatively, similar tools used to analyze and assess trends in large sets of data can potentially be used to fight fraud, Jacoby said. Credit card companies, for example, could benefit from being able to detect anomalies in a customer's behavior to determine if purchases are authentic.
Meanwhile, the U.S. is facing a daily onslaught of cybersecurity breaches from Russian, Chinese and North Korea-backed groups, according to recent U.S. government assessments and private cyber intelligence firms. Experts expect those efforts will test the resilience of the administration’s new cyber strategy.
"They're unbelievably sophisticated and they're unbelievably well-funded and well-tooled," Jacoby said. "They have plenty of AI tools at their disposal."
A recent analysis of underground hacking communities by the cyber firm Check Point Research found online forums where new approaches to hacking tools were discussed, including one discussion thread called "ChatGPT - Benefits of Malware."
The author wrote they were attempting to use ChatGPT to recreate malicious computer code based on research papers about hacking.
While the Biden administration's strategy does not delve into the specifics of emerging technology, such as AI, it's designed to be nimble enough to account for new developments in the rapidly changing cybersecurity landscape.
"These are multi-year efforts where we are going to find gaps and where Congress will then need to lean in to help us get to where we need to go," acting National Cyber Director Kemba Walden said at a forum discussion of the strategy last week. "It's a symphony, not a single movement."
"This is an ongoing process," she added.
Walden emphasized the important role that cloud computing service providers play in securing data as a "force multiplier" for cyber threat first responders.
Google Cloud, for example, provides a variety of data storage and website hosting services. The company's ability to defend its systems was bolstered by its acquisition of the cybersecurity firm Mandiant last year.
"Everyone has a shared responsibility here," said Stacy O'Mara, who leads government strategy and partnership at Mandiant. "I think that's the purpose of the strategy -- to reinforce this concept of a shared defense."
"We've got a long process ahead of us," O'Mara said, " but I'm encouraged by the administration's efforts."