According to the book by Yuval Noah Harari, “Sapiens: A Brief History of Humankind”, humans are currently experiencing the 3rd technological revolution in our history. What we would have imagined for our future 100 or 50 years ago and now are vastly different.
Even though AI seems to just be gaining global traction in recent years, artificial intelligence papers and models have been developed since the 1950s, but at that time, the incalculably huge volumes of data and the super-powerful hardware devices that could harness AI were still missing.
Today, we see the application of AI in almost all areas that directly or indirectly make our lives more comfortable, but these are actually only a small fraction of AI’s potential. For example, according to a Forbes 2022 article, about 60-80% of projects in the AI sector fail. It should be noted that some of the reviewed projects are either very expensive or do not serve their original idea and find a niche in other applications.
The Power of AI
At present, AI solves many problems. For example, the joint Exploration Program of Google and NASA for the discovery of exoplanets.
Tesla's self-driving cars have been trained in 70,000 GPU hours of endless 3D road scenarios, which contain many unexpected situations.
The General Atomics MQ-9 Reaper American unmanned aerial vehicle, which is equipped with state-of-the-art technologies and special artificial intelligence methods, is built for search and eliminate use cases.
Recently, conversational, problem-solving, technology based on OpenAI's ChatGPT became available. The AI is able to develop dialogue, create and solve programming problems within seconds.
In cooperation with Microsoft, they want to develop new AI application projects. A notable example is creating a new search engine that can make search results significantly more accurate, and potentially become a serious competitor to Google.
Cybercrime
All this sounds wonderful and opens up new horizons for us, but there is another side to this progress. Every great thing has its downside, and that’s not just a Hollywood cliche.
The more technology develops, the higher the rate of cyber crimes. According to a report by statista.com, the damage caused by cybercrimes in 2022 cost an estimated $8.44 trillion USD, which is likely to increase by 2027, reaching about $23.82 trillion USD. It's a huge number, but 95% of successful attacks are due to human error, such as choosing a bad or repetitive password, using unlicensed software, following links in suspicious emails…
Social engineering and phishing are some of the easiest and most common methods that use fake emails to convince the victim to click on a relevant link and go to a new page. As a result, their device is infected, and the consequences are many: for example, encrypting the system and demanding compensation (Ransomware), replicating the program and spreading it to other devices (virus), providing secret access to the hacker (Trojan), stealing personal data, passwords, bank data, the list goes on.
Now, let's connect artificial intelligence with cybercriminals and see what happens.
AI and Crime become Friends
In general, the more software tools, their capabilities, and their scale, the more potential vulnerabilities increase. For similar crimes now or in the near future, AI can become a magic wand in the hands of an unwanted person or group.
Using OpenAI's ChatGPT, it is possible to describe a software problem and as a result, ChatGPT will return a portion of code that will attack various components of the victim's system.
Without being an expert, the hacker may have a similar program that will become an impetus for the attack.
Similar approaches exist in the world at this very moment and are actively used, but what if such generated programs will find 0-day vulnerabilities or be used to do mass attacks? Those ideas will cause a disaster, or excessive leakage of people's personal data and accounts, disclosure of state secrets, etc. Unfortunately, countering all this is much more complex and resource-intensive, and not everyone can resist this rising wave.
Let’s Play Hacking
Let's use this magic wand and use OpenAI's ChatGPT feature to generate fake emails. For example, I want to make a confession of love to my wife (without telling her that the author is an AI) and as an entry I gave:
“Make a confession of love to my dear Sona”.
This is the result:
Dear Sona,
My love for you is deeper than the deepest ocean and higher than the highest mountain. From the moment I saw you, I knew that I had to have you in my life. Every day I thank the stars that you are here with me, and my heart beats faster just at the thought of you. You are my best friend, my confidante, my lover, my everything. I love you so much and can't imagine life without you.
It's really exciting what a publicly available AI can do. And now let's try to create a fake email that can be sent to the victim.
“Send email to Bob working in XYZ Tech company to resetting password by company policy and clicking into link'”
Dear Bob,
We are sending this email to reset your password in accordance with the XYZ Tech company's password policy. To proceed, please click on the link below and follow the instructions.
Link: ___________________
If you have any questions or concerns about resetting your password, please let us know.
Thank you,
XYZ Tech Company
Such approaches can be applied to many topics and even automated. For example, finding certain information about victims from automated social networks and generating similar fake letters is very possible.
The White Hat Resistance
The bright side of all this is that this is not only a miracle tool for criminals, but also for their hunters. For instance, a fake hacker environment is created for hackers to make it seem as if they have made a successful attack, but instead, they will receive a malicious program that will pass everything about them to the information security staff.
Conclusion
In the end, I would like to mention that sooner or later we all may face such problems in our personal lives, at work, and even while walking down the street. This is the future we are heading towards, and while there is certainly good that will come of it, we should take care to be as informed as possible to avoid irreversible consequences.