It’s a “I accuse” clear what Bruce Schneier, a well-known world-famous encryptor, launches against Microsoft. According to Schneier, who briefly illustrated his point of view using the pages of his personal blog, the Redmond company would have implemented a strict control activity on the activities carried out using his tools artificial intelligence for content generation.
Microsoft announced that it has identified Chinese, Russian and Iranian hackers actively using its AI-based tools to improve their hacking skills. We know, in fact, that the Redmond company makes resources available for code generation of programming.
GitHub Copilot was one of the first solutions to allow code creation in any language and is today the absolute protagonist for the creation of the vast majority of applications then published on the platform GitHub itself. Code generation skills are obviously the basis of Copilot and other Microsoft AI tools.
Schneier: Only with an analysis of user prompts and the responses provided to them can Microsoft have the type of visibility described
The legendary cryptographer Schneier notes that in the report made public by the Redmond company we read the following: “OpenAI and Microsoft today publish new details on how cybercriminals are using and exploring the possibilities of LLMs in attack techniques“.
I LLM (Large Language Models) represent a class of artificial intelligence models train on large amounts of text to learn and understand natural language. L’objective main gods LLM is generating text in a coherent and meaningful way, to answer questions, complete sentences or write essays of varying length and complexity. A well-known example of LLM is GPT (Generative Pre-trained Transformer), developed by OpenAI.
In its long review, Microsoft notes that funded hackers by some government agencies globally, are using LMMs to enhance their aggressive activity. Each group is cited by the name chosen or assigned to them: Forest Blizzard, Emerald Sleet, Crimson Sandstorm, Charcoal Typhoon e Salmon Typhoon.
Schneier’s comment suggests that Microsoft and OpenAI’s knowledge of these hacking activities is only possible with the monitoring of the sessions chat, through the control of input and output of the generative model. Even if i terms of use of the service allow the collection of information, Schneier focuses on the level of detail from which companies such as Microsoft and OpenAI can benefit by examining the information shared by users.
For its part, Microsoft specifies that the purpose ofdata analysis of chats is to ensure the safe and responsible use of AI technologies such as ChatGPTmaintaining the highest ethical standards to protect the community from possible abuse.
For Microsoft, the use of artificial intelligence in cybersecurity is a priority
Microsoft says it is exploring the potential of AI to power security measures, unlock new and advanced protections, build better software. “With AI, we have the power to adapt to evolving threats, detect anomalies instantly, respond promptly to neutralize risks, and customize defenses to an organization’s needs“, the company notes.
According to Microsoft, facing a global shortage of IT professionals IT security, with around 4 million experts needed worldwide, AI has the potential to be a crucial tool in bridging the skills gap and aiding tasks normally performed by industry professionals. And talk about a product like Copilot for Security, which can help security analysts, regardless of their skill level. Participants in the test program highlighted greater effectiveness in detection and prevention thanks to Copilot for Security neutralization of threats IT (+44%) as well as faster response (+26%) in the various types of incidents that occurred.
The same company led by Satya Nadella claims to take over one amount of malicious traffic truly immense on a daily basis. The Redmond company’s systems recognize more than 65,000 million signals per day relating to IT security. AI is enhancing the ability to analyze this information and ensure that any anomalous behavior, symptom of attacks ongoing, can be brought to light in an even more effective and timely manner.
Opening image credit: Microsoft.