Skip to main content
The Keyword
A new report from the Google Threat Intelligence Group shows adversaries experimenting with AI for novel capabilities.

Today, the Google Threat Intelligence Group (GTIG) released a new report showing a shift in the cybersecurity landscape. Adversaries are no longer using artificial intelligence just for productivity gains; they are also experimenting with novel AI-enabled operations. GTIG has observed state-sponsored actors (including from North Korea, Iran and the People's Republic of China) attempting to misuse AI to enhance their operations, from reconnaissance and phishing lure creation to data exfiltration. GTIG also observed bad actors:

  • Using AI-powered malware that can generate malicious scripts and change its code on the fly to bypass detection systems
  • Posing as students, researchers or other pretexts in prompts to bypass AI safety guardrails and extract restricted information
  • Accessing underground digital markets that offer sophisticated AI tools for phishing, malware and vulnerability research

The report also details specific steps taken by Google, including thwarting threat actors by disabling assets associated with malicious activity, and applying intel to strengthen both our classifiers and AI model against misuse.

You can read the full report on the Google Cloud Threat Intelligence blog.

Multicolored Google 'G' logo centered on a white background, surrounded by faint gray icons representing concepts like a shield, magnifying glass, brain structure, gear, fishing hook, and warning sign.
POSTED IN:

Related stories

Let’s stay in touch. Get the latest news from Google in your inbox.

Subscribe