\n<\/p>\n
Microsoft Threat Intelligence wrote in a blog post<\/a> that hackers are using OpenAI for cyber operations.<\/p>\n \u201cMicrosoft and OpenAI have not yet observed particularly novel or unique AI-enabled attack or abuse techniques resulting from threat actors\u2019 usage of AI,\u201d Microsoft wrote. \u201cHowever, Microsoft and our partners continue to study this landscape closely.\u201d<\/p>\n \u201cImportantly, our research with OpenAI has not identified significant attacks employing the LLMs we monitor closely,\u201d the post added. \u201cAt the same time, we feel this is important research to publish to expose early-stage, incremental moves that we observe well-known threat actors attempting, and share information on how we are blocking and countering them with the defender community.\u201d<\/p>\n Some of the threat actors described in the post are Charcoal Typhoon and Salmon Typhoon from China, Crimson Sandstorm from Iran, Forest Blizzard from Russia, and Emerald Sleet from North Korea.<\/p>\n Forest Blizzard often targets organizations \u201cin and related to Russia\u2019s war in Ukraine throughout the duration of the conflict, and Microsoft assesses that Forest Blizzard operations play a significant supporting role to Russia\u2019s foreign policy and military objectives both in Ukraine and in the broader international community,\u201d as well as being involved in researching \u201cvarious satellite and radar technologies.\u201d<\/p>\n Emerald Sleet is known to impersonate \u201creputable academic institutions.\u201d<\/p>\n Crimson Sandstorm has been active since at least 2017 and has targeted \u201cdefense, maritime shipping, transportation, healthcare, and technology.\u201d<\/p>\n Charcoal Typhoon has a \u201cbroad operational scope\u201d across Taiwan, Thailand, Mongolia, Malaysia, France, and Nepal, while Salmon Typhoon targets \u201cUS defense contractors, government agencies, and entities within the cryptographic technology sector.\u201d<\/p>\n