North Korean hackers have been spotted using generative AI to fuel the country’s hacking schemes, according to South Korea’s National Intelligence Service (NIS).
“Recently, it has been confirmed that North Korean hackers use generative AI to search for hacking targets and search for technologies needed for hacking,” a senior NIS official told reporters, according to Yonhap News Agency.
South Korea’s intelligence service didn’t go into details. But so far, the North Korean hackers have refrained from using generative AI to conduct an actual cyberattack. Instead, it looks like they are tapping today’s AI models for planning purposes. In response, South Korea plans to closely monitor North Korea’s effort to use generative AI for cyberattacks.
Earlier this week, the country’s intelligence service also issued an alert that warned North Korean hackers will probably try to disrupt elections in South Korea and in the US by spreading fake news and AI-generated deepfakes.
The other worry is that North Korea hackers will tap generative AI to polish their phishing messages, including incorporating voice cloning. The assessment from South Korea arrives as UK intelligence also expects generative AI to aid cybercriminals and state-sponsored hackers in the next two years.
“All types of cyber threat actor—state and non-state, skilled and less skilled—are already using AI, to varying degrees,” says the report from the UK’s National Cyber Security Centre, citing both classified intelligence and industry data.
However, the UK doesn’t view AI programs becoming smart enough to orchestrate cyberattacks on their own. Instead, the threat arises with how generative AI can analyze or learn from a massive amount of information to find important insights. This could become a valuable tool for when hackers steal data from victims or try to perfect their social engineering attacks.
“The emergent use of AI in cyberattacks is evolutionary not revolutionary, meaning that it enhances existing threats like ransomware but does not transform the risk landscape in the near term,” National Cyber Security Centre’s CEO Lindy Cameron said in a statement.
