Good AI, bad AI

B2B Cyber ​​Security ShortNews

Share post

According to security researchers in Israel, hacker gangs are already using artificial intelligence (AI) to train their new members. They are also assisted by AI to improve malware, automate attacks and generally run their criminal operations smoothly.

On the other hand, the management consultants at McKinsey found out through a survey for the year 2022 that 50 percent of the companies surveyed use AI to support work in at least one business area - in 2017 it was only 20 percent. According to Forbes magazine, as many as 60 percent of the entrepreneurs surveyed believe that AI will increase the productivity of their company in general, with 64 percent believing in an increase in operational productivity, while 42 percent relate to the improvement of work processes.

This juxtaposition nicely shows how one and the same technology can be used here for good and bad purposes. The concern that is currently driving the population the most: Can AI learn which areas of application are good or bad in order to prevent misuse on its own?

ChatGPT and Google Bard help hackers

  • Automated Cyber ​​Attacks: Since both tools have been on the market, our security researchers have seen a proliferation of bots that remotely control infected computers and other automated systems. These are ideal for DDoS attacks, which can paralyze a server or an entire system with an enormous number of access requests. For this reason too, IT attacks increased by 38 percent worldwide last year.
  • Help creating malware, phishing e-mails, deepfakes and the design of cyber attacks: hackers recognized early on that ChatGPT could create command lines for malware or write phishing e-mails - the latter in better English or German than the criminals could often write themselves. Also, since ChatGPT and Google Bard learn with each input, they can even create complicated content, such as images, videos, or even sound recordings. This is where the danger of deepfakes comes into play. This means films that show and speak to a certain person in the way we are used to from them, even though it is a fake. Modern technology enables the falsification of facial expressions, gestures and voice. Barack Obama, Joe Biden, Volodymyr Zelenskyy and Vladimir Putin have already fallen victim to such deepfakes.
  • petty criminals without great programming ability can become hackers: With the help of such AI-driven chatbots, hacker gangs can, as mentioned above, train their new members, or people with criminal tendencies can quickly tinker and launch a small IT attack. This leads to a flood of, so to speak, mini-attacks and new hacker groups.

In order to prevent this abuse, the manufacturer of ChatGPT, the company OpenAI, installed some security devices and excluded countries from use, but this did not last long: First, the request blocks were circumvented by cleverly asking the chatbot, then the country restrictions were overturned, then premium accounts were stolen and sold on a large scale and now even clones of ChatGPT are offered on the Darknet in the form of API interfaces.

One way to make the AI ​​itself less vulnerable to abuse is to train the AI ​​itself. Engineers agree that once learned knowledge is impossible to remove from an AI, some sort of ethics catalog should be taught to the AI ​​from the start so that it will follow certain rules by itself. This would also be possible with laws that simply prohibit some actions.

More at


About check point

Check Point Software Technologies GmbH ( is a leading provider of cybersecurity solutions for public administrations and companies worldwide. The solutions protect customers from cyberattacks with an industry leading detection rate for malware, ransomware and other types of attacks. Check Point offers a multi-level security architecture that protects company information in cloud environments, networks and on mobile devices, as well as the most comprehensive and intuitive “one point of control” security management system. Check Point protects over 100.000 businesses of all sizes.


Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

The AI ​​Act and its consequences for data protection

With the AI ​​Act, the first law for AI has been approved and gives manufacturers of AI applications between six months and ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Mobile spyware poses a threat to businesses

More and more people are using mobile devices both in everyday life and in companies. This also reduces the risk of “mobile ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more