Summary: Nation-state threat actors are utilizing generative AI tools to enhance their existing attack techniques, though they have not yet created fundamentally new attack vectors using these models. Google’s VP for Threat Intelligence highlighted that the heaviest users of such tools are APT groups from Iran, China, and North Korea. The analysis also indicated that while generative AI assists in various attack phases, it is equally beneficial in strengthening cybersecurity defenses.
Affected: Google, Cybersecurity Community
Keypoints :
- Generative AI is being used mainly as a productivity tool by threat actors, enhancing existing techniques rather than creating new vectors.
- Iranian, Chinese, and North Korean APT groups are the most active users of Google’s Gemini GenAI services, focusing on research and exploitation of defense systems.
- GenAI also provides significant advantages to cybersecurity teams through use cases like vulnerability detection and malware analysis.
Source: https://thecyberexpress.com/threat-groups-genai-use/