Talion is a finalist for Best SIEM Solution for the 4th year in a row

Talion is a finalist for Best SIEM Solution for the 4th year in a row

Cyber Criminals Take Advantage Of ChatGPT: Phishing Emails & More - Talion

ChatGPT has conjured up a storm as business professionals and marketers have stepped up to share their opinions on how powerful artificial intelligence is for productivity and process automation.

Whilst there is a lot of value to gain from generative AI, there is also a darker side to tools like ChatGPT in the cybersecurity world as cyber criminals are increasingly using it to carry out more sophisticated attacks.


Writing Effective Phishing Emails Has Never Been Easier

Knowing ChatGPT can do everything from language translating, to perfecting grammar, to conjuring up business material with a simple set of instructions by the user, there really is no limit to where ChatGPT could take you – or take a cyber criminal.

When we speak to organisations during the sales process, many say they approach phishing with education – that spotting a phishing email involves noticing a grammar mistake or that strangely phrased text that doesn’t quite sound like your CEO at all (because it isn’t). With ChatGPT, however, these will no longer be prime indicators – not when cyber criminals can type what they want into the software, and it filters out a perfectly typed response that matches the exact style and tone you ask for. Mimicking senior directors or creating realistic conversation starters will become easy and effortless. Russian hackers, for example, can craft legitimate-looking emails regardless of their language capacity. And isn’t that dangerous?

A recent study decided to put ChatGPT to the test. Mimicking a cyber criminal, researchers logged in to the software and asked it to produce a series of spear phishing emails. What they found was that ChatGPT not only builds emails that match the given criteria, but it also provides many unique iterations, each intending to build trust with the recipient with conversational and realistic language. These unique iterations can then be used for multiple different campaigns with no crossover.

If that wasn’t enough, the researchers asked ChatGPT why the spear phishing email would be successful, and it provided a “lengthy response detailing the core social engineering principles behind what makes the phishing email effective.” It even provided examples of how threat actors can abuse Open AI when asked about its capabilities. So yes, ChatGPT is self-aware too – but that’s hardly stopping it.



Could ChatGPT Be A Cheat Sheet To Malicious Coding?

Cyber criminals and sufficient knowledge of coding come hand in hand – after all, to infiltrate networks and manipulate users into sharing sensitive information, they need to be able to maneuver themselves around advanced software. Obviously, this comes with its limits, and cyber criminals often do utilise genuine tools aimed at security teams to simplify their hacking campaigns, but there is still a base level of knowledge “required”. With the introduction of ChatGPT however, this base level could drop as more aspiring cyber criminals work with the software to simplify coding or learn it quicker.

Recently, a number of threat actors have announced their successes with ChatGPT in underground hacking forums, claiming they have used it to recreate malware strains, amongst other exploits. CTO Richard Ford commented to say, “do you understand the code you’re pulling in and in the context of your application, is it secure? There’s tremendous risk when you cut and paste code you don’t understand the side effect of.” It’s true that ChatGPT does not come with automatic coding understanding for the user – it is very likely they could try to build a code that contextually does not make sense. However, this still poses security risk. Regardless of whether the code is intentionally effective or not, there is a high possibility of something going wrong.

After all, an open AI platform that you’d think was initially there for positive technological advancements has essentially become a highly effective cut through for a hacker’s walk through to attack execution, and it’s worrying where this could continue to take us as a society.


Let’s Flip It – Could ChatGPT Help Cyber Criminal Victims?

Clearly cyber criminals have been misusing ChatGPT for their own malicious campaigns, but it’d only be fair to look at the other side. Could it aid organisations in fighting cyber crime too?

With ChatGPT’s ability to answer questions with speed and purported accuracy, it’s arguably a perfect alternative to google research. Rather than skim-reading hundreds of articles to find those that are relevant, ChatGPT accumulates all the information you need right in one place in a matter of seconds. This is particularly useful for employee education surrounding cyber security. If employees are unsure of a phishing email or want to double check something that is complex and not easily found via google, ChatGPT could be the perfect companion. Would this decrease the number of phishing emails clicked? Could organisations direct employees to ChatGPT for an interactive learning experience based on their own personal security questions?



Overall, it’s difficult to see where ChatGPT could be advantageous in fighting cyber crime without using trial and error in real life business situations. And in terms of its disadvantages? There’s ultimately nothing we can do; having Open AI available naturally comes with benefits and risks – we can’t have one without the other. Whilst we “can’t” let cyber criminals take advantage of ChatGPT when it is a giant step for societal technological advancements, we simply have to because of this very reason – or at least, we have to if we aren’t willing to let ChatGPT go.

Would it make sense to fold ChatGPT for a safer future but stay stuck in the past? Or is it important to take the risk and push technological advancements to their peak?

A question we all may be asking is…

Who decides where we draw the line?


Interested in seeing how our cyber security services could add value to your business? Contact us.

Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
24x7x365 UK-based Security Operations Centre
Service underpinned by market leading threat intelligence team
Continually developed threat relevant content, backed by SLAs
MDR service has featured in the Gartner Magic Quadrant for 6 consecutive years
Experts in SIEM and SOAR technology
UK-based Senior Leadership
Looking to maximise value and flexibility?
Learn how Talion and DEVO partner to achieve this.
Discuss your cyber security needs
Contact us below and one of our team will be in touch to answer your questions.

Call us on 0800 048 5775

Call us directly and we’ll put you in touch with the most relevant cyber expert.

Get In Touch With Us

Not currently free to call? Give us a brief description of what you’re looking for by filling out our form and we’ll email you as soon as we can.

CISO Cyber Dinner – Register Your Interest!

Thought-provoking cyber security discussion at Michelin-star restaurants across the UK.