Artificial Intelligence (AI) has transformed numerous fields, making previously impossible tasks feasible. The use of generative AI in cybersecurity has been a breakthrough in securing sensitive data and systems from potential attacks. However, the same AI advancements that have made it easier to secure systems could also be used by bad actors to create powerful weapons capable of breaching cloud-based environments. Now, a new language model called ChatGPT is being used to develop a new type of cyberattack, posing a severe risk to cloud-based systems, among others.
ChatGPT: A New Breach Technique for Cloud-Based Systems
Vulcan Cyber’s Voyager18 research team recently issued an advisory validating that generative AI, such as ChatGPT, could soon become a weapon to attack cloud-based systems. This new attack technique involves posing a question to ChatGPT and requesting a package to solve a particular coding problem. The language model then generates multiple package recommendations, including some not available in legitimate repositories, which could be replaced with malicious ones.
Exploiting Fabricated Code Libraries with ChatGPT
Through the code-generation capabilities of ChatGPT, attackers can exploit fabricated code libraries that are maliciously distributed, while bypassing traditional approaches such as typosquatting. They may also distract developers by constructing authentic code snippets and programming modules that introduce vulnerabilities. The generated code appears legitimate, which requires human programmers to use their expertise in identifying the manipulation.
Using ChatGPT to deceive future users
Another threat of ChatGPT involves deceiving future users who rely on ChatGPT’s recommendations of non-existent packages with malicious ones. Cyber attackers can replace the fabricated components with malicious packages created based on rare or no documentation by exploiting ChatGPT’s code-generation capabilities. Once the components are made malicious, ChatGPT may recommend them to other developers, thus spreading the cyber attack rapidly to a broad range of systems.
Defending Against Chatbot-Based Attacks
There are ways to defend against this type of attack. Developers must take advanced measures to confirm that all libraries and modules they use are authentic and trustworthy. They must thoroughly scrutinize all new cyber components or advice recommended by AI code generators. To do this successfully, developers must understand the techniques employed by attackers, such as simulating genuine libraries, hiding malicious code behind seemingly genuine facades, and developing fake help center pages.
Vetting libraries and checking creation date and download count
One significant way to defend against cyberattacks involving powerful models like ChatGPT is to check the creation date and download count of libraries. While this is not a foolproof method, it does provide some level of reassurance. This method helps to catch new libraries developed and modified within a short period, which may be suspicious. Furthermore, the download count is an excellent indicator of whether a recently created library could have any significant impact on the current programming community.
The Need for Better Defense Mechanisms Against AI-Based Attacks Generated by Generative Models
The rapidly growing and widely accessible generative AI tools have become much more attractive to cybercriminals. As a result, there is an urgent need for developers, cloud providers, and cybersecurity practitioners to step up their efforts to prevent generative AI-based attacks. Attackers will continue to find new ways to use generative AI models to bring down company systems, and failure to take necessary actions could result in catastrophic consequences.
Using generative AI as a defensive mechanism
Defenders must be proactive in identifying ways in which open-source code generators can be exploited and provide appropriate countermeasures. Harnessing the potential of generative AI could significantly enhance programmatic hacking defense. AI and machine learning technologies can help security analysts identify various types of threats targeting an organization’s network or system. Reducing manual efforts to uncover new threats while having actionable intelligence presents an advantage that cannot be overlooked.
The Challenge of Staying Ahead in Cloud Security and DevSecOps
With attackers always on the lookout for ways to bypass cybersecurity defenses, cloud security, and DevSecOps professionals face a 24-hour battle to safeguard data, support business processes, and maintain regulatory compliance. Deploying AI in a company’s security ecosystem can automate human labor and significantly decrease the likelihood of successful attacks. As attackers continue to develop new methods and tools to breach systems, organizations must remain vigilant by integrating innovative technology such as AI into their security measures.
Adhering to safe programming practices, such as using hard-to-guess, long, and unique passwords and periodically updating them, can provide multifactor authentication. Organizations should carry out regular self-audits to identify gaps in their security while also preparing for the worst-case scenario by formulating contingency plans. AI-driven programming can also help developers and security experts be more vigilant by assisting them in identifying numerous potential risks in code faster and more effectively. The future of cybersecurity will require the integration of innovative tools such as generative AI, and it is up to companies to embrace these specialized resources to protect their valuable data and systems.