How potentially dangerous are i large language models (LLM) regarding IT security? A recent analysis highlights this fear, demonstrating how distrust towards AI, in many cases, is more than justified.
From a study byUniversity of Illinois Urbana-Champaign (UIUC) emerged as GPT4 is potentially the ideal tool for exploiting exploits, even in the context of zero-day vulnerabilities.
The experts worked by analyzing a set of 15 exploitwith AI proving capable of finding ways to exploit them in87% of cases. Compared to older LLMs, such as GPT-3.5 o Llama 2the capabilities of AI were found to be much higher.
Despite this, the use of ChatGPT is not as simple as one might think at first for cybercriminals.
GPT-4 a very dangerous tool in the hands of cyber criminals
To make AI so effective when it comes to strategizing exploits, you need to describe the situation in detail. In this sense, to carry out the study, the experts relied on the description present in the database CVE.
Although there has long been talk about how AI could become a weapon in the hands of cybercriminals, this study sheds light like never before on the potential of the latest generation LLMs. In fact, until a few months ago, this technology was mainly used to create malicious code or in the context of campaigns phishing: a basic use compared to the current potential abuse of GPT-4 and other similar tools.
Although AI’s ability to hack websites independently, UIUC research has highlighted how abusing these tools is, after all, not too difficult. Just last February, the aforementioned Llama 2 was the protagonist, despite itself, of an attempted abuse by cybercriminals.