Thursday, February 12, 2026

APT31 from China Leverages Gemini for Strategic US Cyberattack Planning

A Chinese hacking group, APT31, sanctioned for targeting U.S. critical infrastructure, has reportedly used Google’s AI chatbot, Gemini, to identify vulnerabilities and plan cyberattacks. While no attacks are confirmed to have succeeded, Google anticipates an increase in AI adoption by cybercriminals for semi-autonomous operations. APT31, also known as Violet Typhoon, exploited Microsoft SharePoint bugs and faced U.S. sanctions in 2024 for breaches against high-profile targets. The group’s use of Gemini involves structured methods to automate vulnerability analysis and generate attack plans. Integrating Gemini with Hexstrike, a red-teaming tool, enhances the group’s capabilities for quick reconnaissance and penetration testing, blurring the lines between ethical and malicious actions. As AI tools become crucial in narrowing the patch gap between vulnerability discovery and fixes, Google highlights the urgency for security professionals to adapt and use AI effectively to counteract these automated threats. Increased AI adoption poses significant risks, especially in vulnerability exploitation and in the operational efficiency it gives attackers.
