We are sure that by now, you have encountered or even tried the infamous ChatGPT, a very helpful AI-based application. The success of ChatGPT proves the effect of generative AI on today’s society. Most people agree that AI-driven chatbots can help save time and funds, yet some think they could threaten various positions. OpenAI, the makers of ChatGPT, have more pessimistic worries. According to them, to avoid things getting worse, AI requires to be controlled and monitored attentively.
One of the numerous advantages of ChatGPT is that the AI-driven chatbot can not only analyze codes but can even generate full scripts just by specifying the request. Its capabilities can generate personalized answers and even create full professional content. It might provide less than 100 % exact answers, though many people feel the chatbot works as a good reference.
So, the real question is whether ChatGPT will benefit cybersecurity professionals or make it more difficult for them because it can be a powerful weapon in the hands of cybercriminals. The answer is probably both.
What is ChatGPT?
ChatGPT is a natural language processing tool that can create content, images and even code on demand via conversations with a chatbot. The AI-driven tool is built on OpenAI’s GPT-3 family of large language models. ChatGPT launched in November 2022 and amassed 100 million users in its first two months. However, the app is often down or at capacity—which is probably to be expected in the context of such explosive adoption.
As we mentioned above, this tool which comes as a web application and extension/add-on for different applications can manage to generate content based on your input. The more specific the input is from the user, the better and clearer the answer will be. This tool can gather keywords and different search results and provide a customized answer. According to OpenAI, ChatGPT, its most recent artificial intelligence bot, is created to communicate in a conversational manner, enabling it to respond to follow-up queries, admit mistakes, false dispute premises, and more. But for now, it is very clear that this tool still has a long way to go since the answers provided need to be entirely correct. But since all AI-based tools require much information in order to provide better results, the same is expected to happen with ChatGPT.
Google has written a playbook on how good search is conducted. Until now, Google has been the number 1 tool everybody would refer to. But now, many people are still determining if ChatGPT will become more relevant than what is in Google’s current toolbox for search. Microsoft CEO Satya Nadella stated: “The AI race starts today.”
Will ChatGPT impact the security world?
Without a doubt, ChatGPT has opened up a world of potential for AI to impact how we engage with technology daily as individuals. For attackers, there was instantly the chance to transform basic phishing text into more professional structures and automate engagement with multiple potential victims trying to find their way out of a ransomware trap. Inevitably, the potential impact on cyber security quickly becomes a critical conversational topic – from both sides.
Dave Barnett, head of secure access service edge (SASE) and email security for EMEA at Cloudflare, says: “It’s a frighteningly good system – anyone who has asked ChatGPT to explain some obscure technical concept in the form of a poem will realize just how powerful it is”. The creators of ChatGPT agreed in a tweet that we are close to dangerously strong AI that can pose a huge cybersecurity risk and that approaching a real AGI reality within the next decade means taking that risk seriously.
Even though the tool has a trigger for each search you conduct that may have malicious content or intention and flags it right away, the possibility of bypassing this feature is high at this specific point. It can flag it at first as malicious content, but after inputting further and more detailed explanations, it will generate different attacks for you. Since CHatGPT is still learning, many can use it to describe perfectly crafted requests for malicious attacks, and it may even result in explaining it thoroughly.
Another concern is data protection, such as where the data goes and who the controller and processor are. Humans are naturally inquisitive, so if we start talking to computers as if they’re human, we’re highly likely to share information we probably shouldn’t. But on another note, it can even come into hand for defenders since it can help create new methods and security measures that can be effective. It will reduce the time security defenders spend researching different security strategies and give them clear implementation ideas.
It is a statement when we say that the future of Chatbots is happening now, and it has been quite successful so far. However, the danger of a system that can be instructed to fabricate malicious software needs to be carefully monitored. With every technological breakthrough, we’ve created a perplexing state of affairs in which our inventions can revolutionize the planet. Still, if taken into the wrong hands, it can cause destruction, too.