Straitstimes.com header logo

AI being used for hacking and misinformation, top Canadian cyber official says

Sign up now: Get ST's newsletters delivered to your inbox

In recent months, several cyber watchdog groups have published reports warning about the hypothetical risks of AI.

In recent months, several cyber-watchdog groups have published reports warning about the hypothetical risks of AI.

PHOTO: REUTERS

Follow topic:

WASHINGTON Hackers and propagandists are wielding artificial intelligence (AI) to create malicious software, draft convincing phishing e-mails and spread disinformation online, Canada’s top cyber-security official told Reuters, early evidence that the technological revolution sweeping Silicon Valley has also been adopted by cyber criminals.

In an interview this week, Canadian Centre for Cyber Security head Sami Khoury said that his agency had seen AI being used “in phishing e-mails, or crafting e-mails in a more focused way, in malicious code (and) in misinformation and disinformation”.

Mr Khoury did not provide details or evidence, but his assertion that cyber criminals were already using AI adds an urgent note to the chorus of concern over the use of the emerging technology by rogue actors.

In recent months, several cyber-watchdog groups have published reports warning about the hypothetical risks of AI – especially the fast-advancing language processing programmes known as large language models (LLMs), which draw on huge volumes of text to craft convincing-sounding dialogue, documents and more.

In March, the

European police organisation Europol published a report

saying that models such as OpenAI’s ChatGPT had made it possible “to impersonate an organisation or individual in a highly realistic manner even with only a basic grasp of the English language”.

The same month, Britain’s National Cyber Security Centre said in a blog post that there was a risk that criminals “might use LLMs to help with cyber attacks beyond their current capabilities”.

Cyber-security researchers have demonstrated a variety of potentially malicious use cases, and some now say they are beginning to see suspected AI-generated content in the wild.

Last week, a former hacker said he had discovered an LLM trained on malicious material and asked it to draft a convincing attempt to trick someone into making a cash transfer.

The LLM responded with a three-paragraph e-mail asking its target for help with an urgent invoice.

“I understand this may be short notice,” the LLM said, “but this payment is incredibly important and needs to be done in the next 24 hours.”

Mr Khoury said that while the use of AI to draft malicious code was still in its early stages – “there’s still a way to go because it takes a lot to write a good exploit” – the concern was that AI models were evolving so quickly that it was difficult to get a handle on their malicious potential before they were released into the wild.

“Who knows what’s coming around the corner,” he said. REUTERS

More on this topic
Jailbreaking AI chatbots is tech’s new pastime
Microsoft unveils OpenAI-based chat tools for fighting cyber attacks
See more on

E-paper

Newsletters

Podcasts

RSS Feed

About Us

Terms & Conditions

Privacy Policy

Need help? Reach us here.

Advertise with us

Download the app

Get unlimited access to exclusive stories and incisive insights from the ST newsroom
Subscribe Placeholder
MDDI (P) 048/10/2024. Published by SPH Media Limited, Co. Regn. No.202120748H. Copyright © 2025 SPH Media Limited. All rights reserved.