The Era of AI Hacking Has Arrived
The summer season has brought about a new wave of phishing emails targeting Ukrainians, but this time with a twist. Russian hackers have been including an attachment containing artificial intelligence (AI) software in their campaigns. If installed, the program would automatically search the victim's computer for sensitive files and send them back to Moscow. This campaign is significant because it marks the first known instance of Russian intelligence agencies using large language models (LLMs), a type of AI chatbot that has become ubiquitous in corporate culture.
The Rise of AI-Infused Hacking
In recent months, hackers of all stripes have started incorporating AI tools into their work. LLMs, like ChatGPT, are error-prone but have become remarkably adept at processing language instructions and translating plain language into computer code or summarizing documents. While these technologies have not yet revolutionized hacking by turning complete novices into experts or allowing would-be cyberterrorists to shut down the electric grid, they are making skilled hackers better and faster.
The Escalating Cat-and-Mouse Game
Cybersecurity firms and researchers are now using AI tools, feeding into an escalating cat-and-mouse game between offensive hackers who find and exploit software flaws and defenders who try to fix them first. According to Heather Adkins, Google's vice president of security engineering, "It's the beginning of the beginning. Maybe moving towards the middle of the beginning." Adkins' team started a project in 2024 to use Google's LLM, Gemini, to hunt for important software vulnerabilities before criminal hackers could find them.
Discovering Bugs and Alerting Companies
The process is ongoing, with Adkins' team discovering at least 20 important overlooked bugs in commonly used software and alerting companies so they can fix them. None of the vulnerabilities have been shocking or something only a machine could have discovered; it's simply faster with an AI. "I haven't seen anybody find something novel," she said. "It's just kind of doing what we already know how to do. But that will advance."
AI in Cybersecurity
Adam Meyers, a senior vice president at CrowdStrike, notes that his company is using AI to help people who think they've been hacked. He sees increasing evidence of its use from the Chinese, Russian, Iranian, and criminal hackers that his company tracks. "The more advanced adversaries are using it to their advantage," he said. "We're seeing more and more of it every single day."
The Shift Catching Up with Hype
The rise of AI-infused hacking is only starting to catch up with the hype that has permeated the cybersecurity and AI industries for years, especially since ChatGPT was introduced to the public in 2022. While some cybersecurity researchers have complained about would-be hackers falling for fake vulnerability findings generated with AI, scammers and social engineers are now using LLMs to seem more convincing.
AI as a Tool for Attackers
Will Pearce, CEO of DreadNode, one of the handful of new security companies that specialize in hacking using LLMs, notes that the technology has finally started to catch up with expectations. "The technology and the models are all really good at this point," he said. Less than two years ago, automated AI hacking tools would need significant tinkering to do their job properly, but they are now far more adept.
The Future of AI-Infused Hacking
Xbow, a startup built to hack using AI, made history in June by becoming the first AI to climb to the top of the HackerOne U.S. leaderboard. Last week, HackerOne added a new category for groups automating AI hacking tools to distinguish them from individual human researchers. Xbow still leads that. The future of AI-infused hacking remains uncertain, with some experts predicting it will ultimately help attackers more than defenders.
Alexei Bulazel's Perspective
Alexei Bulazel, the senior cyber director at the White House National Security Council, notes that while hackers finding extremely disruptive flaws in major U.S. tech companies is rare, AI is particularly helpful in discovering bugs before criminals do. "The types of things that AI is better at — identifying vulnerabilities in a low cost, easy way — really democratizes access to vulnerability information," Bulazel said.
The Potential Risks
However, some experts warn that the rise of agentic AI could prove a major cybersecurity risk. Adam Meyers notes that agentic AI tools can take action on behalf of organizations without built-in guardrails to stop them from being abused. "Agentic AI is really AI that can take action on your behalf, right? That will become the next insider threat," he said.
Conclusion
The era of AI hacking has arrived, and it's not just a matter of hype anymore. While some experts predict that AI will ultimately help attackers more than defenders, others believe that defense is currently winning. The future of AI-infused hacking remains uncertain, but one thing is clear: the game between offensive hackers and defenders is evolving rapidly, with AI playing an increasingly significant role in this cat-and-mouse battle.