{"id":194567,"date":"2024-03-01T12:43:56","date_gmt":"2024-03-01T12:43:56","guid":{"rendered":"https:\/\/www.techopedia.com\/?p=194567"},"modified":"2024-03-01T12:45:12","modified_gmt":"2024-03-01T12:45:12","slug":"5-state-backed-ai-threat-actors-identified-by-microsoft-openai","status":"publish","type":"post","link":"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai","title":{"rendered":"5 &#8216;State-Backed AI Threat Actors&#8217; Identified by Microsoft &#038; OpenAI"},"content":{"rendered":"<p>Microsoft and OpenAI have shone a spotlight on the growing use of <a href=\"https:\/\/www.techopedia.com\/definition\/190\/artificial-intelligence-ai\">artificial intelligence<\/a> (AI) by state-affiliated cyber threat actors.<\/p>\n<p>Malicious groups from Russia, China, North Korea, and Iran are alleged to be leveraging <a href=\"https:\/\/www.techopedia.com\/definition\/34948\/large-language-model-llm\">large language models<\/a> (LLMs) like <a href=\"https:\/\/www.techopedia.com\/definition\/34933\/chatgpt\">ChatGPT<\/a> to support malicious campaigns.<\/p>\n<p>OpenAI says it has <a href=\"https:\/\/openai.com\/blog\/disrupting-malicious-uses-of-ai-by-state-affiliated-threat-actors\" target=\"_blank\">partnered with Microsoft<\/a> to identify and neuter <a href=\"https:\/\/www.techopedia.com\/definition\/threat-actor\">threat actors<\/a> that they say are probing the capabilities and limits of systems like ChatGPT, <a href=\"https:\/\/www.techopedia.com\/definition\/dall-e\">DALL-E<\/a>, and <a href=\"https:\/\/www.techopedia.com\/definition\/copilot-ai\">CoPilot<\/a> \u2014 with the tech giants aiming to disrupt their actions and push the frontiers of AI safety.<\/p>\n<p>Microsoft has announced it would <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2024\/02\/14\/staying-ahead-of-threat-actors-in-the-age-of-ai\/\" target=\"_blank\">map identified adversary tactics, techniques, and procedures<\/a> (TTPs) into the <a href=\"https:\/\/www.techopedia.com\/definition\/tactics-techniques-and-procedures-ttps\">MITRE ATT&amp;CK framework<\/a>.<\/p>\n<div class=\"su-note\"  style=\"border-color:#dddddd;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;\"><div class=\"su-note-inner su-u-clearfix su-u-trim\" style=\"background-color:#f7f7f7;border-color:#ffffff;color:#333333;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;\">\n<h2><span id=\"key_takeaways\">Key Takeaways<\/span><\/h2>\n<ul>\n<li>Microsoft and OpenAI have identified alleged state-affiliated cyber threat actors from Russia, China, North Korea, and Iran, who stand accused of using LLMs like ChatGPT for malicious campaigns.<\/li>\n<li>These actors are Charcoal Typhoon and Salmon Typhoon from China, Forest Blizzard from Russia, Emerald Sleet from North Korea, and Crimson Sandstorm from Iran.<\/li>\n<li>They have been accused of using LLMs for various malicious activities, including reconnaissance, deceptive communications, malware development, and spear-phishing campaigns.<\/li>\n<li>&#8220;The genie is out of the bottle&#8221;: Techopedia speaks to a wide panel of experts to investigate the issue of state-backed threats coupled with AI.<\/li>\n<\/ul>\n<\/div><\/div>\n<div>\n    <section class=\"toc-sticky w-100 bg-white \">\n        <div class=\"toc-sticky__container container\">\n            <div class=\"toc-sticky__open d-flex align-items-end\" data-bs-toggle=\"collapse\"\n                 aria-controls=\"multiCollapse1\"\n                 data-bs-target=\"#multiCollapse1\">\n                <button\n                        class=\"btn btn-primary collapse-action-btn p-1 rounded-circle\"\n                        type=\"button\"\n                >\n                    <i class=\"icon-chevron-up\"><\/i>\n                <\/button>\n                <span id=\"toc-current-title\" class=\"d-flex align-items-center\">\n                    Table of Contents\n                <\/span>\n                <span class=\"toc-main-title-permanent\">Table of Contents<\/span>\n            <\/div>\n            <div\n                    class=\"collapse my-3\"\n                    id=\"multiCollapse1\"\n            >\n                <ol class=\"StepProgress\">\n                                                                        <li class=\"StepProgress-item current\">\n                                                <div class=\"StepProgress-item__group\">\n                            <a data-id=\"key_takeaways\"\n                               onclick=handleScrollToTitle(\"key_takeaways\")\n                               class=\"StepProgress-item__link\" data-level=\"2\">Key Takeaways<\/a>\n                                                    <\/div>\n                                                <\/li>\n                                                                        <li class=\"StepProgress-item\">\n                                                <div class=\"StepProgress-item__group\">\n                            <a data-id=\"how_five_nation-state_threat_actors_are_weaponizing_ai\"\n                               onclick=handleScrollToTitle(\"how_five_nation-state_threat_actors_are_weaponizing_ai\")\n                               class=\"StepProgress-item__link\" data-level=\"2\">How Five Nation-State Threat Actors are Weaponizing AI<\/a>\n                                                    <\/div>\n                                                <\/li>\n                                                                        <li class=\"StepProgress-item\">\n                                                <div class=\"StepProgress-item__group\">\n                            <a data-id=\"microsoft_categorizes_nine_llm-themed_ttps\"\n                               onclick=handleScrollToTitle(\"microsoft_categorizes_nine_llm-themed_ttps\")\n                               class=\"StepProgress-item__link\" data-level=\"2\">Microsoft Categorizes Nine LLM-Themed TTPs<\/a>\n                                                    <\/div>\n                                                <\/li>\n                                                                        <li class=\"StepProgress-item\">\n                                                <div class=\"StepProgress-item__group\">\n                            <a data-id=\"ai_safety_still_a_mirage\"\n                               onclick=handleScrollToTitle(\"ai_safety_still_a_mirage\")\n                               class=\"StepProgress-item__link\" data-level=\"2\">AI Safety Still A Mirage<\/a>\n                                                    <\/div>\n                                                <\/li>\n                                                                        <li class=\"StepProgress-item\">\n                                                <div class=\"StepProgress-item__group\">\n                            <a data-id=\"how_to_combat_ai-driven_cyber_operations\"\n                               onclick=handleScrollToTitle(\"how_to_combat_ai-driven_cyber_operations\")\n                               class=\"StepProgress-item__link\" data-level=\"2\">How to Combat AI-Driven Cyber Operations<\/a>\n                                                    <\/div>\n                                                <\/li>\n                                                                        <li class=\"StepProgress-item\">\n                                                <div class=\"StepProgress-item__group\">\n                            <a data-id=\"the_bottom_line\"\n                               onclick=handleScrollToTitle(\"the_bottom_line\")\n                               class=\"StepProgress-item__link\" data-level=\"2\">The Bottom Line<\/a>\n                                                    <\/div>\n                                                <\/li>\n                                                                        <li class=\"StepProgress-item\">\n                                                <div class=\"StepProgress-item__group\">\n                            <a data-id=\"references\"\n                               onclick=handleScrollToTitle(\"references\")\n                               class=\"StepProgress-item__link\" data-level=\"2\">References<\/a>\n                                                    <\/div>\n                                                <\/li>\n                                    <\/ol>\n                <div class=\"toc-sticky__container__disperse\"><\/div>\n                <div class=\"toc-sticky__btn-top justify-content-center\">\n                    <button class=\"btn btn-link d-flex align-items-center\" onclick={btnTop()}><p>Show Full Guide<\/p><img decoding=\"async\"\n                                src=\"\/wp-content\/plugins\/table-of-contents\/assets\/images\/arrow-up-circle.svg\"\n                                alt=\"arrow-up-circle\">\n                    <\/button>\n                <\/div>\n            <\/div>\n        <\/div>\n    <\/section>\n    <div class=\"toc-sticky-list\">\n        <div class=\"toc-sticky__container container\">\n            <div class=\"toc-sticky__open d-flex align-items-end\" data-bs-toggle=\"collapse\" aria-controls=\"multiCollapse2\" data-bs-target=\"#multiCollapse2\">\n                <button class=\"btn btn-primary collapse-action-btn p-1 rounded-circle\"\n                        type=\"button\">\n                    <i class=\"icon-chevron-up up\"><\/i>\n                <\/button>\n                <span id=\"toc-current-title\" class=\"d-flex align-items-center\">\n                    Table of Contents\n                <\/span>\n            <\/div>\n            <div  class=\"collapse my-3\" id=\"multiCollapse2\">\n                <ol class=\"StepProgress\">\n                    \t\t\t\t\t \t\t\t\t\t                                                     <li class=\"StepProgress-item current \">\n                                                    <div class=\"StepProgress-item__group\">\n                                <a data-id=\"key_takeaways\"\n                                   onclick=handleScrollToTitle(\"key_takeaways\")\n                                   class=\"StepProgress-item__link\"\n                                   data-level=\"2\">Key Takeaways<\/a>\n                                                            <\/div>\n                                                    <\/li>\n                    \t\t\t\t\t \t\t\t\t\t                                                     <li class=\"StepProgress-item \">\n                                                    <div class=\"StepProgress-item__group\">\n                                <a data-id=\"how_five_nation-state_threat_actors_are_weaponizing_ai\"\n                                   onclick=handleScrollToTitle(\"how_five_nation-state_threat_actors_are_weaponizing_ai\")\n                                   class=\"StepProgress-item__link\"\n                                   data-level=\"2\">How Five Nation-State Threat Actors are Weaponizing AI<\/a>\n                                                            <\/div>\n                                                    <\/li>\n                    \t\t\t\t\t \t\t\t\t\t                                                     <li class=\"StepProgress-item \">\n                                                    <div class=\"StepProgress-item__group\">\n                                <a data-id=\"microsoft_categorizes_nine_llm-themed_ttps\"\n                                   onclick=handleScrollToTitle(\"microsoft_categorizes_nine_llm-themed_ttps\")\n                                   class=\"StepProgress-item__link\"\n                                   data-level=\"2\">Microsoft Categorizes Nine LLM-Themed TTPs<\/a>\n                                                            <\/div>\n                                                    <\/li>\n                    \t\t\t\t\t \t\t\t\t\t\n\t\t\t\t\t\t <span class=\"show_moretoc\">Show Full Guide<\/span>\n\t\t\t\t\t\t \t\t\t\t\t \t\t\t\t\t\t  \t\t\t\t\t                                                      <li class=\"StepProgress-item ms_hidetoc\">\n                                                    <div class=\"StepProgress-item__group\">\n                                <a data-id=\"ai_safety_still_a_mirage\"\n                                   onclick=handleScrollToTitle(\"ai_safety_still_a_mirage\")\n                                   class=\"StepProgress-item__link\"\n                                   data-level=\"2\">AI Safety Still A Mirage<\/a>\n                                                            <\/div>\n                                                    <\/li>\n                    \t\t\t\t\t \t\t\t\t\t \t\t\t\t\t\t  \t\t\t\t\t                                                      <li class=\"StepProgress-item ms_hidetoc\">\n                                                    <div class=\"StepProgress-item__group\">\n                                <a data-id=\"how_to_combat_ai-driven_cyber_operations\"\n                                   onclick=handleScrollToTitle(\"how_to_combat_ai-driven_cyber_operations\")\n                                   class=\"StepProgress-item__link\"\n                                   data-level=\"2\">How to Combat AI-Driven Cyber Operations<\/a>\n                                                            <\/div>\n                                                    <\/li>\n                    \t\t\t\t\t \t\t\t\t\t \t\t\t\t\t\t  \t\t\t\t\t                                                      <li class=\"StepProgress-item ms_hidetoc\">\n                                                    <div class=\"StepProgress-item__group\">\n                                <a data-id=\"the_bottom_line\"\n                                   onclick=handleScrollToTitle(\"the_bottom_line\")\n                                   class=\"StepProgress-item__link\"\n                                   data-level=\"2\">The Bottom Line<\/a>\n                                                            <\/div>\n                                                    <\/li>\n                    \t\t\t\t\t \t\t\t\t\t \t\t\t\t\t\t  \t\t\t\t\t                                                      <li class=\"StepProgress-item ms_hidetoc\">\n                                                    <div class=\"StepProgress-item__group\">\n                                <a data-id=\"references\"\n                                   onclick=handleScrollToTitle(\"references\")\n                                   class=\"StepProgress-item__link\"\n                                   data-level=\"2\">References<\/a>\n                                                            <\/div>\n                                                    <\/li>\n                                    <\/ol>\n            <\/div>\n            <div class=\"toc-sticky__container__disperse\"><\/div>\n        <\/div>\n    <\/div>\n<\/div>\n\n<script id=\"toc-js\">\n    window.addEventListener(\"DOMContentLoaded\", () => {\n        const header = document.querySelector(\".header_wrapper\");\n\n        const pageLegend = document.querySelector('#multiCollapse1');\n        const pageLegendList = document.querySelector('#multiCollapse2');\n        const pageLegendCollapse = new bootstrap.Collapse(pageLegend, {toggle: document.querySelector(\".toc-sticky\").classList.contains('sticky')});\n\n        \/**\n         * Changing current title\n         *\/\n        (function (pageLegend) {\n            const titleNodes = pageLegend.querySelectorAll('.StepProgress-item__link');\n\n            if (!titleNodes.length) return;\n\n            const titles = [...titleNodes].map((itm, i) => ({\n                id: itm.getAttribute('data-id'),\n                text: itm.textContent,\n                level: itm.getAttribute('data-level'),\n                linkNode: itm,\n                titleNode: document.getElementById(itm.getAttribute('data-id')),\n                index: i,\n            }));\n\n            \/**\n             * Source: https:\/\/www.sitepoint.com\/throttle-scroll-events\/\n             * @param {Function} fn\n             * @param {number} wait\n             * @returns {(function(): void)|*}\n             *\/\n            const throttle = (fn, wait) => {\n                let time = Date.now();\n                return function () {\n                    if ((time + wait - Date.now()) < 0) {\n                        fn();\n                        time = Date.now();\n                    }\n                }\n            }\n\n            const changeCurrentTitle = () => {\n                const documentScrollTop = window.pageYOffset || document.documentElement.scrollTop || document.body.scrollTop || 0;\n                let current = 0;\n\n                \/\/ Title\n                titles.forEach((itm, i) => {\n\t\t\t\t\/\/console.log(itm)\n                    const itmOffsetTop = itm.titleNode ? itm.titleNode.offsetTop - 100 : 0;\n\n                    if (documentScrollTop >= itmOffsetTop) {\n                        document.getElementById('toc-current-title').innerHTML = itm.text;\n                        document.getElementById('toc-current-title').setAttribute('data-current-id', itm.id);\n                        document.getElementById('toc-current-title').setAttribute('data-current-level', itm.level);\n                        current = i;\n                    }\n                })\n\n                \/\/ close all list and open sub list if needed\n                if (document.querySelector(\".toc-sticky\").classList.contains('sticky')) {\n                    document.querySelectorAll('.subList-in-progress').forEach((el) => {\n                        el.children[1].classList.remove('show');\n                        el.getElementsByClassName('icon-chevron-down')[0].classList.remove('up');\n                    });\n                    const currentEl = titles[current];\n                    currentEl.linkNode.classList.add('show');\n                }\n\n                titles.forEach((itm, i) => {\n                    itm.linkNode.parentNode.parentNode.classList.remove('current', 'is-done');\n                    if (current > i) {\n                        itm.linkNode.parentNode.parentNode.classList.add('is-done')\n                    };\n                    if (current === i) {\n                      itm.linkNode.parentNode.parentNode.classList.add('current');\n                    };\n                })\n\n            }\n\n            changeCurrentTitle();\n\n            document.addEventListener('scroll', throttle(changeCurrentTitle, 50));\n        })(pageLegend);\n\n\n        \/**\n         *  Collapse\n         *\/\n        (function (pageLegend, header) {\n            const icon = pageLegend.parentNode.querySelector(\".collapse-action-btn i\");\n\n            const collapseToggle = (status) => (e) => {\n                if (!e.target.isEqualNode(pageLegend)) return;\n\n                icon.classList.toggle(\"up\");\n\n                const containerHeight = pageLegend.getBoundingClientRect().height;\n\n                const showSubtitleContent = () => {\n                    const currentId = document.getElementById('toc-current-title').getAttribute('data-current-id');\n                    const currentLevel = document.getElementById('toc-current-title').getAttribute('data-current-level');\n                    const currentSubTitle = currentLevel == 3 ? document.querySelector(`a[data-id=\"${currentId}\"]`).parentNode.parentNode.parentNode : false;\n\n                    if (!currentSubTitle) return;\n                    new bootstrap.Collapse(currentSubTitle, {toggle: false}).show();\n                }\n\n                showSubtitleContent();\n                if (status === 'shown' && document.querySelector(\".toc-sticky\").classList.contains('sticky') ) {\n                    document.querySelector('html').classList.remove('overflow-hidden');\n                    pageLegend.classList.add('overflow-auto');\n                    pageLegend.style.height = `calc(100vh - ${header.getBoundingClientRect().height + document.querySelector('.toc-sticky__open').getBoundingClientRect().height + 16}px)`;\n                } else if (status === 'hide') {\n                    document.querySelector('html').classList.remove('overflow-hidden');\n                    pageLegend.classList.remove('overflow-auto');\n                    pageLegend.style.height = 'auto';\n                }\n            }\n\n            pageLegend.addEventListener('shown.bs.collapse', collapseToggle('shown'));\n            pageLegend.addEventListener('hide.bs.collapse', collapseToggle('hide'));\n        })(pageLegend, header);\n\n        \/**\n         * Collapse sub-titles\n         *\/\n        (function (pageLegend) {\n            const collapseEls = pageLegend.querySelectorAll('.collapse');\n\n            collapseEls.forEach(function (el) {\n\n                const toggleArrowDirection = function (e) {\n                    if (!e.target.isEqualNode(el)) return;\n\n                    const id = this.getAttribute('id');\n                    document.querySelector(`.collapse-action-btn[data-bs-target=\"#${id}\"] .icon-chevron-down`).classList.toggle('up');\n                }\n                el.addEventListener('shown.bs.collapse', toggleArrowDirection);\n                el.addEventListener('hide.bs.collapse', toggleArrowDirection);\n            })\n        })(pageLegend);\n\n        \/**\n         *  Collapse main title\n         *\/\n        (function (pageLegendList) {\n            const icon = pageLegendList.parentNode.querySelector(\".collapse-action-btn i\");\n\n            const collapseToggle = () => (e) => {\n                if (!e.target.isEqualNode(pageLegendList)) return;\n\n                icon.classList.toggle(\"up\");\n\n            }\n            pageLegendList.addEventListener('shown.bs.collapse', collapseToggle());\n            pageLegendList.addEventListener('hide.bs.collapse', collapseToggle());\n        })(pageLegendList);\n\n        (function (pageLegendList) {\n            const collapseEls = pageLegendList.querySelectorAll('.collapse');\n\n            collapseEls.forEach(function (el) {\n\n                const toggleArrowDirection = function (e) {\n                    if (!e.target.isEqualNode(el)) return;\n\n                    const id = this.getAttribute('id');\n                    document.querySelector(`.toc-sticky-list .collapse-action-btn[data-bs-target=\"#${id}\"] .icon-chevron-down`).classList.toggle('up');\n                }\n                el.addEventListener('shown.bs.collapse', toggleArrowDirection);\n                el.addEventListener('hide.bs.collapse', toggleArrowDirection);\n            })\n        })(pageLegendList);\n\n        \/**\n         * Sticky functionality\n         * Source: https:\/\/stackoverflow.com\/questions\/17893771\/javascript-sticky-div-after-scroll\n         *\/\n        (function (header, pageLegendCollapse) {\n            \/\/ set everything outside the onscroll event (less work per scroll)\n            const target = document.querySelector(\".toc-sticky\");\n            const targetListStatic = document.querySelector(\".toc-sticky-list\");\n\n            if (!target || !header) return;\n\n            const headerHeight = header.getBoundingClientRect().height;\n            const targetHeight = targetListStatic.getBoundingClientRect().height;\n\n            \/\/ -headerHeight so it won't be jumpy\n            const stop = targetListStatic.offsetTop + headerHeight + targetHeight;\n            const docBody =\n                document.documentElement || document.body.parentNode || document.body;\n            const hasOffset = window.pageYOffset !== undefined;\n\n            const applySticky = function () {\n                \/\/ cross-browser compatible scrollTop.\n                const scrollTop = hasOffset ? window.pageYOffset : docBody.scrollTop;\n\n                \/\/ if user scrolls to headerHeight from the top of the target div\n                if (scrollTop >= stop) {\n                    pageLegendCollapse.hide();\n                    \/\/ stick the div\n                    target.classList.add(\"sticky\");\n                    \/\/target.style.marginTop = `${headerHeight}px`;\n                } else {\n                    pageLegendCollapse.show();\n                    \/\/ release the div\n                    target.classList.remove(\"sticky\");\n                    target.style.marginTop = \"\";\n                }\n            }\n\n            applySticky();\n\n            window.addEventListener('scroll', applySticky);\n        })(header, pageLegendCollapse);\n\tjQuery('span.show_moretoc').click(function(){\n\t\tjQuery('span.show_moretoc').hide();\n\t   jQuery('.ms_hidetoc').show();\n\t});\n    });\n\n    \/\/ When the user clicks on the button, scroll to the top of the document\n    function btnTop() {\n        const pageLegend = document.querySelector('#multiCollapse1');\n        document.querySelector('html').classList.remove('overflow-hidden');\n        pageLegend.classList.remove('overflow-auto');\n        pageLegend.style.height = 'auto';\n        window.scrollTo({\n            top: 0,\n            behavior: 'smooth'\n        });\n    }\n\n    const handleScrollToTitle = (id) => {\n        const el = document.getElementById(id);\n        const headerHeightDifference = window.innerWidth < 992 ? -30 : -15;\n        window.scrollTo({\n            top: el.offsetTop - 60 - headerHeightDifference - 10,\n        });\n    }\n<\/script>\n\n<h2><span id=\"how_five_nation-state_threat_actors_are_weaponizing_ai\">How Five Nation-State Threat Actors are Weaponizing AI<\/span><\/h2>\n<p>Although no successful AI-enabled attacks were attributed to these threat groups, Microsoft believes their activities are malicious and could be a way of testing the waters to unravel how best to employ <a href=\"https:\/\/www.techopedia.com\/definition\/34633\/generative-ai\">generative AI<\/a> for malicious activities.<\/p>\n<p>The malicious activities that Microsoft is investigating include victim reconnaissance, learning and using native languages to facilitate deceptive communications, software scripts, and <a href=\"https:\/\/www.techopedia.com\/definition\/4015\/malicious-software-malware\">malware<\/a> development.<\/p>\n<p>The profiles of the 5 state actors show they share similar traits in the way they probe LLMs for malicious attacks.<\/p>\n<h3>1. Charcoal Typhoon<\/h3>\n<p>Two Chinese state-sponsored groups \u2014 Charcoal Typhoon and Salmon Typhoon \u2014 are accused of exploiting AI models.<\/p>\n<p>Charcoal Typhoon, also known as Aquatic Panda, stands accused of using ChatGPT to gather information on companies, generate <a href=\"https:\/\/www.techopedia.com\/definition\/4115\/social-engineering\">social engineering<\/a> texts, debug codes, and develop scripts.<\/p>\n<p>Microsoft said: &#8220;They are known for targeting sectors that include government, higher education, communications infrastructure, oil and gas, and information technology. Their activities have predominantly focused on entities within Taiwan, Thailand, Mongolia, Malaysia, France, and Nepal, with observed interests extending to institutions and individuals globally who oppose China&#8217;s policies.<\/p>\n<blockquote><p>&#8220;Charcoal Typhoon has been observed interacting with LLMs in ways that suggest a limited exploration of how LLMs can augment their technical operations. This has consisted of using LLMs to support tooling development, scripting, understanding various commodity cybersecurity tools, and generating content that could be used to social engineer targets.&#8221;<\/p><\/blockquote>\n<p>&#8220;All associated accounts and assets of Charcoal Typhoon have been disabled, reaffirming our commitment to safeguarding against the misuse of AI technologies,&#8221; the company added.<\/p>\n<h3>2. Salmon Typhoon<\/h3>\n<p>Salmon Typhoon is accused of leveraging generative AI for a variety of tasks including translating technical documents, gathering publicly accessible data on various intelligence agencies, and support with coding tasks.<\/p>\n<p>Notably, Salmon Typhoon&#8217;s interactions with LLMs throughout 2023 appear exploratory and suggest that this threat actor is evaluating the effectiveness of LLMs in sourcing information on potentially sensitive topics.<\/p>\n<p>&#8220;This threat actor has demonstrated its capabilities through the deployment of malware, such as Win32\/Wkysol, to maintain remote access to compromised systems.&#8221;<\/p>\n<blockquote><p>&#8220;Notably, Salmon Typhoon&#8217;s interactions with LLMs throughout 2023 appear exploratory and suggest that this threat actor is evaluating the effectiveness of LLMs in sourcing information on potentially sensitive topics, high profile individuals, regional geopolitics, US influence, and internal affairs.&#8221;<\/p><\/blockquote>\n<p>The company added: &#8220;Salmon Typhoon&#8217;s engagement with LLMs aligns with patterns observed by Microsoft, reflecting traditional behaviors in a new technological arena. In response, all accounts and assets associated with Salmon Typhoon have been disabled.&#8221;<\/p>\n<h3>3. Forest Blizzard<\/h3>\n<p>According to Microsoft&#8217;s findings, Forest Blizzard, a group it claims is affiliated with Russia&#8217;s GRU military intelligence unit, uses LLMs for basic scripting tasks, gathering intelligence on Ukrainian targets, and researching satellite and radar technologies that likely relate to Russia&#8217;s war efforts.<\/p>\n<blockquote><p>&#8220;Forest Blizzard&#8217;s use of LLMs has involved research into various satellite and radar technologies that may pertain to conventional military operations in Ukraine, as well as generic research aimed at supporting their cyber operations.&#8221;<\/p><\/blockquote>\n<p>Microsoft added that the group has been &#8220;Interacting with LLMs to understand satellite communication protocols, radar imaging technologies, and specific technical parameters. These queries suggest an attempt to acquire in-depth knowledge of satellite capabilities.&#8221;<\/p>\n<h3>4. Emerald Sleet<\/h3>\n<p>Identified as a North Korean threat actor, Emerald Sleet allegedly harnessed LLMs for various nefarious activities, including conducting reconnaissance efforts to gather intelligence on think tanks and experts related to North Korea, as well as generating content for spear-phishing campaigns.<\/p>\n<p>Microsoft said it &#8220;Observed Emerald Sleet impersonating reputable academic institutions and NGOs to lure victims into replying with expert insights and commentary about foreign policies related to North Korea. Emerald Sleet overlaps with threat actors tracked by other researchers as Kimsuky and Velvet Chollima&#8221; and again closed accounts they identified with the group.<\/p>\n<h3>5. Crimson Sandstorm<\/h3>\n<p>Crimson Sandstorm, an Iranian threat actor affiliated with the Islamic Revolutionary Guard Corps, is accused of employing generative AI for generating spear-phishing emails and scripting tasks to evade detection.<\/p>\n<p>Microsoft said: &#8220;Interactions have involved requests for support around social engineering, assistance in troubleshooting errors, .NET development, and ways in which an attacker might evade detection when on a compromised machine&#8221;, and again closed suspected accounts.<\/p>\n<h2><span id=\"microsoft_categorizes_nine_llm-themed_ttps\">Microsoft Categorizes Nine LLM-Themed TTPs<\/span><\/h2>\n<p>Microsoft has identified nine specific LLM-related TTPs used by the threat actors for attacks and is collaborating with MITRE to aid Microsoft&#8217;s research into how hackers are leveraging AI.<\/p>\n<p>The TTPs cover a wide range of activities, such as LLM-driven reconnaissance, scripting techniques, optimized payload development, social engineering, vulnerability research, enhanced <a href=\"https:\/\/www.techopedia.com\/definition\/30297\/anomaly-detection\">anomaly detection<\/a> evasion, and more.<\/p>\n<p>To help the broader security community analyze and defend against these risks, Microsoft is working to integrate these nine LLMs-themed TTPs into the MITRE ATT&amp;CK industry framework.<\/p>\n<p>These new additions will form a knowledge base that will enable the AI community to collaborate and track malicious use of LLMs with common taxonomy and create countermeasures.<\/p>\n<h2><span id=\"ai_safety_still_a_mirage\">AI Safety Still A Mirage<\/span><\/h2>\n<p>While AI holds incredible promises for future developments, these recent findings underline how the technology remains unsafe in key ways.<\/p>\n<p>Speaking to Techopedia, <strong>Joseph Thacker, principal AI engineer and security researcher at <\/strong><a href=\"https:\/\/appomni.com\/\" target=\"_blank\"><strong>AppOmni<\/strong><\/a>, notes his fears about the proficiency of threat actors leveraging AI.<\/p>\n<blockquote><p>&#8220;Threat actors that are effective enough to be tracked by Microsoft are likely already proficient at writing software.&#8221;<\/p><\/blockquote>\n<p>Thacker believes that while AI has significant vulnerabilities that malicious actors are eagerly exploiting, they haven&#8217;t birthed a novel attack yet. However, he warns that if these malicious actors succeed in unlocking a novel attack vector, it might take time before companies detect them.<\/p>\n<p>&#8220;If a threat actor found a novel attack use case, it could still be in stealth and not detected by these companies yet, so it&#8217;s not impossible.<\/p>\n<p>I have seen fully autonomous AI agents that can &#8220;hack&#8221; and find real vulnerabilities, so if any bad actors have developed something similar, that would be dangerous. And open source models like Mixtral [an LLM release by <a href=\"https:\/\/www.techopedia.com\/mistral-ai-exploring-europes-latest-tech-unicorn\">Mistral AI<\/a>] are high quality and could be used at scale in novel ways.&#8221;<\/p>\n<p>Another safety concern is that today&#8217;s large language models do not understand content and context at a deep level. They are trained to statistically generate persuasive outputs without discernment of truth, ethics, or safety.<\/p>\n<p><strong>Loris Degioanni, CTO and Founder at <\/strong><a href=\"https:\/\/sysdig.com\/\" target=\"_blank\"><strong>Sysdig<\/strong><\/a>, explains that this is why &#8220;generative AI can take natural language prompts and convert them to system queries and go as far as generating very convincing natural language phishing emails.&#8221;<\/p>\n<p>Although much buzz around AI safety has seen initiatives like the United States AI Safety Institute (US AISI) and the UK&#8217;s AI Safety Institute spring up, Irina Tsukeerman, president of Scarab Rising, told Techopedia that AI safety might remain elusive if complex issues are not addressed.<\/p>\n<p>These include &#8220;complicated regulatory, governance, and private sector market landscape, exponential innovation growth, various geopolitical security crises, tech sector interests, and the vested interests of the tech sector and the ambitions of individual companies and leaders.&#8221;<\/p>\n<h2><span id=\"how_to_combat_ai-driven_cyber_operations\">How to Combat AI-Driven Cyber Operations<\/span><\/h2>\n<p>The solution lies not in restricting AI development but in incentivizing responsibility, says Thacker.<\/p>\n<blockquote><p>&#8220;The genie is out of the bottle when it comes to generative AI. No regulations or bans will put it back in.<\/p>\n<p>&nbsp;<\/p>\n<p>Instead, we must double down on instilling ethics in computer science education and broader technology culture. Initiatives like the Institute for Ethical AI and Machine Learning can nurture values-driven technologists.&#8221;<\/p><\/blockquote>\n<p>&#8220;And whistleblower policies and watchdog groups can counter toxic organizational dynamics that prioritize profit over public good,&#8221; he explained.<\/p>\n<p>Tsukerman concurs with Thacker, pointing out there will be better results if OpenAI, Microsoft, and other big fish in the LLM market &#8220;engage with cyber ethicists, law enforcement professionals, digital forensics experts, cyber pathologists, psychologists, and lawyers to craft proactive, forward-looking policies.&#8221;<\/p>\n<p>As with every new technology, we are bound to witness some missteps in generative AI development, <strong>Dane Sherrets, Solutions Architect at <\/strong><a href=\"https:\/\/www.hackerone.com\/\" target=\"_blank\"><strong>HackerOne<\/strong><\/a>, told Techopedia in a chat.<\/p>\n<p>He said: &#8220;It is important to note that we are in new territory, and missteps are bound to happen.&#8221;<\/p>\n<p>Sherrets outlined two key factors crucial for leading AI companies like Microsoft, OpenAI, and Google to advance AI technology responsibly:<\/p>\n<blockquote><p>&#8220;Commitment to transparency for what they have built, how they have built it, how they have tested it, and results of that testing and commitment to coordination with other organizations building AI.&#8221;<\/p><\/blockquote>\n<p><strong>CISO at DeVry University, Fred Kwong<\/strong>, underscored the need for organizations to bake in AI-based defenses against AI-enable threats. He advocates focusing on three critical areas: integrating AI and machine learning into the security stack, emphasizing fundamentals such as multi-factor authentication and regular cybersecurity training, and planning for a future without sole reliance on passwords.<\/p>\n<h2><span id=\"the_bottom_line\">The Bottom Line<\/span><\/h2>\n<p>Just as was highlighted in our <a href=\"https:\/\/www.techopedia.com\/the-future-of-ai-8-predictions-from-techopedia\">2024 AI predictions<\/a>, AI will become the next battleground in the cybersecurity race. Organizations need to invest in AI not just to compete in the market but to tighten their defenses against emerging threats.<\/p>\n<p>Again, this is a critical time when purposeful leadership and multilateral cooperation are needed to steer AI toward the common good. Collaborations aimed at disrupting state-backed AI threats should go beyond Microsoft and OpenAI to include Google, Anthropic, and other leading AI developers to pass a resounding message of commitment to a safety-first approach to AI development.<\/p>\n<div class=\"reference-content\">\n<div class=\"reference-heading reference-content-collapsible-heading\">\n<h2><span id=\"references\">References<\/span><\/h2>\n<\/div>\n<div class=\"reference-content-body\">\n<ul>\n<li><a href=\"https:\/\/openai.com\/blog\/disrupting-malicious-uses-of-ai-by-state-affiliated-threat-actors\" target=\"_blank\">Disrupting malicious uses of AI by state-affiliated threat actors<\/a> (OpenAI)<\/li>\n<li><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2024\/02\/14\/staying-ahead-of-threat-actors-in-the-age-of-ai\/\" target=\"_blank\">Staying ahead of threat actors in the age of AI<\/a> (Microsoft)<\/li>\n<li><a href=\"https:\/\/appomni.com\/\" target=\"_blank\">AppOmni official website<\/a> (AppOmni)<\/li>\n<li><a href=\"https:\/\/sysdig.com\/\" target=\"_blank\">Sysdig official website<\/a> (Sysdig)<\/li>\n<li><a href=\"https:\/\/www.hackerone.com\/\" target=\"_blank\">HackerOne official website<\/a> (HackerOne)<\/li>\n<\/ul>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft and OpenAI have shone a spotlight on the growing use of artificial intelligence (AI) by state-affiliated cyber threat actors. Malicious groups from Russia, China, North Korea, and Iran are alleged to be leveraging large language models (LLMs) like ChatGPT to support malicious campaigns. OpenAI says it has partnered with Microsoft to identify and neuter [&hellip;]<\/p>\n","protected":false},"author":286696,"featured_media":194586,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_lmt_disableupdate":"no","_lmt_disable":"","om_disable_all_campaigns":false,"footnotes":""},"categories":[585,548],"tags":[],"category_partsoff":[],"class_list":["post-194567","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-threats","category-cybersecurity"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v24.2 (Yoast SEO v24.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>5 &#039;State-Backed AI Threat Actors&#039; Identified by Microsoft &amp; OpenAI - Techopedia<\/title>\n<meta name=\"description\" content=\"OpenAI has partnered with Microsoft to identify and neuter threat actors that they say are probing the capabilities of ChatGPT, DALL-E, and CoPilot.\" \/>\n<meta name=\"robots\" content=\"noindex, follow\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"5 &#039;State-Backed AI Threat Actors&#039; Identified by Microsoft &amp; OpenAI\" \/>\n<meta property=\"og:description\" content=\"OpenAI has partnered with Microsoft to identify and neuter threat actors that they say are probing the capabilities of ChatGPT, DALL-E, and CoPilot.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai\" \/>\n<meta property=\"og:site_name\" content=\"Techopedia\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/techopedia\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-03-01T12:43:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-03-01T12:45:12+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/03\/AI-Threat-Actors.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Franklin Okeke\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@techopedia\" \/>\n<meta name=\"twitter:site\" content=\"@techopedia\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Franklin Okeke\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai\"},\"author\":{\"name\":\"Franklin Okeke\",\"@id\":\"https:\/\/www.techopedia.com\/#\/schema\/person\/cf68e5a8f9bbfc9595ced844b44cd463\"},\"headline\":\"5 &#8216;State-Backed AI Threat Actors&#8217; Identified by Microsoft &#038; OpenAI\",\"datePublished\":\"2024-03-01T12:43:56+00:00\",\"dateModified\":\"2024-03-01T12:45:12+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai\"},\"wordCount\":1813,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.techopedia.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/03\/AI-Threat-Actors.jpg\",\"articleSection\":\"\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai#respond\"]}],\"copyrightYear\":\"2024\",\"copyrightHolder\":{\"@id\":\"https:\/\/www.techopedia.com\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai\",\"url\":\"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai\",\"name\":\"5 'State-Backed AI Threat Actors' Identified by Microsoft & OpenAI - Techopedia\",\"isPartOf\":{\"@id\":\"https:\/\/www.techopedia.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/03\/AI-Threat-Actors.jpg\",\"datePublished\":\"2024-03-01T12:43:56+00:00\",\"dateModified\":\"2024-03-01T12:45:12+00:00\",\"description\":\"OpenAI has partnered with Microsoft to identify and neuter threat actors that they say are probing the capabilities of ChatGPT, DALL-E, and CoPilot.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai#primaryimage\",\"url\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/03\/AI-Threat-Actors.jpg\",\"contentUrl\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/03\/AI-Threat-Actors.jpg\",\"width\":1200,\"height\":600,\"caption\":\"An image of a hacker with binary code in the background\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.techopedia.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity\",\"item\":\"https:\/\/www.techopedia.com\/topic\/4\/cybersecurity\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Cyber Threats\",\"item\":\"https:\/\/www.techopedia.com\/topic\/220\/cyber-threats\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"5 &#8216;State-Backed AI Threat Actors&#8217; Identified by Microsoft &#038; OpenAI\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.techopedia.com\/#website\",\"url\":\"https:\/\/www.techopedia.com\/\",\"name\":\"Techopedia\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.techopedia.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.techopedia.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.techopedia.com\/#organization\",\"name\":\"Techopedia\",\"url\":\"https:\/\/www.techopedia.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.techopedia.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2025\/02\/techopedia-light-logo.svg\",\"contentUrl\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2025\/02\/techopedia-light-logo.svg\",\"caption\":\"Techopedia\"},\"image\":{\"@id\":\"https:\/\/www.techopedia.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/techopedia\/\",\"https:\/\/x.com\/techopedia\",\"https:\/\/www.linkedin.com\/company\/techopedia\/\",\"https:\/\/www.youtube.com\/c\/Techopedia\"],\"publishingPrinciples\":\"https:\/\/www.techopedia.com\/about\/editorial-policy\",\"ownershipFundingInfo\":\"https:\/\/www.techopedia.com\/about\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.techopedia.com\/#\/schema\/person\/cf68e5a8f9bbfc9595ced844b44cd463\",\"name\":\"Franklin Okeke\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.techopedia.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/04\/avatar_user_286696_1713534218-300x300.jpg\",\"contentUrl\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/04\/avatar_user_286696_1713534218-300x300.jpg\",\"caption\":\"Franklin Okeke\"},\"description\":\"Franklin Okeke is an author and tech journalist with over seven years of IT experience. Coming from a software development background, his writing spans cybersecurity, AI, cloud computing, IoT, and software development. In addition to pursuing a Master's degree in Cybersecurity &amp; Human Factors from Bournemouth University, Franklin has two published books and four academic papers to his name. Apart from Techopedia, his writing has been featured in tech publications such as TechRepublic, The Register, Computing, TechInformed, Moonlock, and other top technology publications. When he is not reading or writing, Franklin trains at a boxing gym and plays the piano.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/franklin-okeke-8898a3a5\/\"],\"knowsAbout\":[\"Technology Journalist\"],\"url\":\"https:\/\/www.techopedia.com\/contributors\/franklinokeke\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"5 'State-Backed AI Threat Actors' Identified by Microsoft & OpenAI - Techopedia","description":"OpenAI has partnered with Microsoft to identify and neuter threat actors that they say are probing the capabilities of ChatGPT, DALL-E, and CoPilot.","robots":{"index":"noindex","follow":"follow"},"og_locale":"en_US","og_type":"article","og_title":"5 'State-Backed AI Threat Actors' Identified by Microsoft & OpenAI","og_description":"OpenAI has partnered with Microsoft to identify and neuter threat actors that they say are probing the capabilities of ChatGPT, DALL-E, and CoPilot.","og_url":"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai","og_site_name":"Techopedia","article_publisher":"https:\/\/www.facebook.com\/techopedia\/","article_published_time":"2024-03-01T12:43:56+00:00","article_modified_time":"2024-03-01T12:45:12+00:00","og_image":[{"width":1200,"height":600,"url":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/03\/AI-Threat-Actors.jpg","type":"image\/jpeg"}],"author":"Franklin Okeke","twitter_card":"summary_large_image","twitter_creator":"@techopedia","twitter_site":"@techopedia","twitter_misc":{"Written by":"Franklin Okeke","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai#article","isPartOf":{"@id":"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai"},"author":{"name":"Franklin Okeke","@id":"https:\/\/www.techopedia.com\/#\/schema\/person\/cf68e5a8f9bbfc9595ced844b44cd463"},"headline":"5 &#8216;State-Backed AI Threat Actors&#8217; Identified by Microsoft &#038; OpenAI","datePublished":"2024-03-01T12:43:56+00:00","dateModified":"2024-03-01T12:45:12+00:00","mainEntityOfPage":{"@id":"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai"},"wordCount":1813,"commentCount":0,"publisher":{"@id":"https:\/\/www.techopedia.com\/#organization"},"image":{"@id":"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai#primaryimage"},"thumbnailUrl":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/03\/AI-Threat-Actors.jpg","articleSection":"","inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai#respond"]}],"copyrightYear":"2024","copyrightHolder":{"@id":"https:\/\/www.techopedia.com\/#organization"}},{"@type":"WebPage","@id":"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai","url":"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai","name":"5 'State-Backed AI Threat Actors' Identified by Microsoft & OpenAI - Techopedia","isPartOf":{"@id":"https:\/\/www.techopedia.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai#primaryimage"},"image":{"@id":"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai#primaryimage"},"thumbnailUrl":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/03\/AI-Threat-Actors.jpg","datePublished":"2024-03-01T12:43:56+00:00","dateModified":"2024-03-01T12:45:12+00:00","description":"OpenAI has partnered with Microsoft to identify and neuter threat actors that they say are probing the capabilities of ChatGPT, DALL-E, and CoPilot.","breadcrumb":{"@id":"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai#primaryimage","url":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/03\/AI-Threat-Actors.jpg","contentUrl":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/03\/AI-Threat-Actors.jpg","width":1200,"height":600,"caption":"An image of a hacker with binary code in the background"},{"@type":"BreadcrumbList","@id":"https:\/\/www.techopedia.com\/5-state-backed-ai-threat-actors-identified-by-microsoft-openai#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.techopedia.com\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity","item":"https:\/\/www.techopedia.com\/topic\/4\/cybersecurity"},{"@type":"ListItem","position":3,"name":"Cyber Threats","item":"https:\/\/www.techopedia.com\/topic\/220\/cyber-threats"},{"@type":"ListItem","position":4,"name":"5 &#8216;State-Backed AI Threat Actors&#8217; Identified by Microsoft &#038; OpenAI"}]},{"@type":"WebSite","@id":"https:\/\/www.techopedia.com\/#website","url":"https:\/\/www.techopedia.com\/","name":"Techopedia","description":"","publisher":{"@id":"https:\/\/www.techopedia.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.techopedia.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.techopedia.com\/#organization","name":"Techopedia","url":"https:\/\/www.techopedia.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.techopedia.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2025\/02\/techopedia-light-logo.svg","contentUrl":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2025\/02\/techopedia-light-logo.svg","caption":"Techopedia"},"image":{"@id":"https:\/\/www.techopedia.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/techopedia\/","https:\/\/x.com\/techopedia","https:\/\/www.linkedin.com\/company\/techopedia\/","https:\/\/www.youtube.com\/c\/Techopedia"],"publishingPrinciples":"https:\/\/www.techopedia.com\/about\/editorial-policy","ownershipFundingInfo":"https:\/\/www.techopedia.com\/about"},{"@type":"Person","@id":"https:\/\/www.techopedia.com\/#\/schema\/person\/cf68e5a8f9bbfc9595ced844b44cd463","name":"Franklin Okeke","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.techopedia.com\/#\/schema\/person\/image\/","url":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/04\/avatar_user_286696_1713534218-300x300.jpg","contentUrl":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/04\/avatar_user_286696_1713534218-300x300.jpg","caption":"Franklin Okeke"},"description":"Franklin Okeke is an author and tech journalist with over seven years of IT experience. Coming from a software development background, his writing spans cybersecurity, AI, cloud computing, IoT, and software development. In addition to pursuing a Master's degree in Cybersecurity &amp; Human Factors from Bournemouth University, Franklin has two published books and four academic papers to his name. Apart from Techopedia, his writing has been featured in tech publications such as TechRepublic, The Register, Computing, TechInformed, Moonlock, and other top technology publications. When he is not reading or writing, Franklin trains at a boxing gym and plays the piano.","sameAs":["https:\/\/www.linkedin.com\/in\/franklin-okeke-8898a3a5\/"],"knowsAbout":["Technology Journalist"],"url":"https:\/\/www.techopedia.com\/contributors\/franklinokeke"}]}},"modified_by":"Valerie Medleva","_links":{"self":[{"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/posts\/194567","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/users\/286696"}],"replies":[{"embeddable":true,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/comments?post=194567"}],"version-history":[{"count":0,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/posts\/194567\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/media\/194586"}],"wp:attachment":[{"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/media?parent=194567"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/categories?post=194567"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/tags?post=194567"},{"taxonomy":"category_partsoff","embeddable":true,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/category_partsoff?post=194567"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}