Western AI Models Accused of Assisting Iran's Cyber Attack Campaign
Western artificial intelligence models such as ChatGPT by OpenAI and Gemini by Google are reportedly being utilised by Iranian hacker groups to enhance their cyber operations capabilities.
Multiple cybersecurity experts and technology companies have concluded that generative AI chatbots are enabling Iranian hacker groups to develop malware, craft more convincing phishing messages, and launch cyber attacks on a larger scale and at greater speed.
“AI genuinely helps them improve their capabilities,” said one cybersecurity analyst whose identity was withheld due to the sensitive nature of the discussion.
According to researchers, Iranian hacker groups are now leveraging AI across virtually every stage of their cyber operations: identifying security vulnerabilities online, creating convincing false identities, translating communications into various languages, and devising phishing campaigns specifically targeting victims in Israel, the United States, and other nations.
With AI assistance, Iranian hackers have reportedly been able to craft emails and phishing messages in Hebrew and Arabic that are more polished and persuasive than previously possible.
One example believed to be AI-generated involved imagery displayed on advertising and information signs at several Israeli railway stations, suspected to be a cyber attack designed to cause panic. The message in Hebrew read: “Hello residents, an Iranian missile warning has been activated for the metro. You must follow the commander’s internal instructions and leave immediately. Exit the underground station carefully and proceed to a shelter. The underground train is not safe at the moment.”
Additionally, AI is said to enable Iranian operators to maintain conversations over several weeks using false identities in order to build trust with potential victims.
“If you are based in Tehran and are impersonating HR staff at a defence company in California, maintaining a conversation over one month would not be an easy task. AI helps them do that,” said one cybersecurity analyst.
Shortly before tensions between Iran and Israel escalated earlier this year, Google detected APT42 utilising Gemini to create false personas and support social engineering activities.
Google’s report from the previous year revealed that Iranian hacker groups were using Gemini more extensively than hacker groups originating from North Korea, Russia, or China.