The Double-Edged Sword of ChatGPT: Data Leaks and other Security Disruptions

By

Earlier this month, cybersecurity solutions provider Network Assured released a report covering ongoing problems attributable to OpenAI’s ChatGPT. While perhaps not out of nowhere – because as valuable as a tool like ChatGPT can be, it also comes with its mega-sized share of risks – this report still puts a ton under the microscope; phishing scams, data leaks, malware intrusions and other types of disruptive breaches in which ChatGPT was involved.(Editor’s note: My initial word choice there was originally “… in which ChatGPT was entangled.” but that would half-imply that ChatGPT, through no fault of its users or its own functionalities, got roped into a bad situation. This simply isn’t the cave, given the AI’s parameters, or often lack thereof, how it’s being abused.)

Last month, for instance, an investigation into ChatGPT was launched after users were allegedly, “being shown excerpts of other users’ ChatGPT conversations, as well as their financial information.” According to Network Assured, as many as 1.2% of ChatGPT users might’ve been compromised. (That’s still a huge number.) As Network Assured wrote, “While the bug that caused the leak was quickly fixed, the leak's impact on credit card fraud and identity theft may not be known for months.”

In the meantime, let’s examine the month of April* (i.e. so far; we’re only halfway through it*). ChatGPT-linked security events have included:

  • At Samsung, staff members experienced leaks of sensitive data, including source code from defective equipment and even transcripts detailing private meetings.
  • There’s been a 135% increase in novel phishing attacks with highly sophisticated language generated by ChatGPT. Said language was dangerously convincing, given it matched that of the organizations affected.
  • Fake browser plugins posing as ChatGPT deployed malware to more than 2,000 users.
  • Scammers have utilized ChatGPT to promote fake DeFi cryptocurrency tokens.
  • New scripts were also discovered; these allowed bad actors to bypass ChatGPT’s illegal content filters.

Though none of these unfortunate events spell out end-of-the-world scenarios, that doesn’t mean they aren’t serious. Real action is needed.

Thankfully, it’s not all sour cons and no sweet pros. AI-powered tools are actively being harnessed to detect and prevent cyberwarfare. Nevertheless, the bulk of responsibility shouldn’t rest on the shoulders of users (and cybersecurity provisioners) alone.

Network Assured’s full report (with charts and specific breakdowns) can be read here.


Edited by Greg Tavarez
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
SHARE THIS ARTICLE
Related Articles

Phishing bank scams in Australia: How to protect your business

By: Contributing Writer    9/28/2023

Financial phishing scams, a prevalent form of bank scams in Australia, have plagued Australians for years, leading to significant financial and emotio…

Read More

EDR: The Missing Piece in Your Security Puzzle

By: Contributing Writer    9/28/2023

Endpoint Detection and Response (EDR) is a cybersecurity technology that continuously monitors and responds to various threats to an organization's ne…

Read More

What Is SAST and How It Can Help DevSecOps Adoption

By: Contributing Writer    9/28/2023

With the rise of cyber-attacks and high-profile data breaches, companies are increasingly recognizing the need to integrate security into every phase …

Read More

Unmasking the Power of Brand Reputation: How it Can Make or Break Your Business

By: Contributing Writer    9/27/2023

A business's brand reputation can either make or break the business. It's a powerful concept that can influence customers, attract new clients, and in…

Read More

CI/CD Tools: A Beginner's Guide

By: Contributing Writer    9/27/2023

In the fast-paced landscape of modern software development, the tools and practices you choose can make or break the efficiency of your development pi…

Read More