ChatGPT may already be used in nation state cyberattacks, say IT decision makers in BlackBerry Global Research

WATERLOO — BlackBerry Limited released new research revealing that half (51 per cent) of IT professionals predict that we are less than a year away from a successful cyberattack being credited to ChatGPT, and 71 per cent believe that foreign states may already be using the technology for malicious purposes against other nations.

The survey of 1,500 IT decision makers across North America, UK, and Australia exposed a perception that, although respondents in all countries see ChatGPT as generally being put to use for ‘good’ purposes, 74 per cent acknowledge its potential threat to cybersecurity and are concerned. Though there are differing views around the world on how that threat might manifest, ChatGPT’s ability to help hackers craft more believable and legitimate sounding phishing emails is the top global concern (53 per cent), along with enabling less experienced hackers to improve their technical knowledge and develop more specialized skills (49 per cent) and its use for spreading misinformation (49 per cent).

“ChatGPT will likely increase its influence in the cyber industry over time. We’ve all seen a lot of hype and scaremongering, but the pulse of the industry remains fairly pragmatic – and for good reason. There are a lot of benefits to be gained from this kind of advanced technology and we’re only beginning to scratch the surface, but we also can’t ignore the ramifications,” said Shishir Singh, Chief Technology Officer, Cybersecurity at BlackBerry. “As the maturity of the platform and the hackers’ experience of putting it to use progresses, it will get more and more difficult to defend without also using AI in defense to level the playing field.”

BlackBerry’s research results also revealed that the majority (82 per cent) of IT decision-makers plan to invest in AI-driven cybersecurity in the next two years and almost half (48 per cent) plan to invest before the end of 2023. This reflects the growing concern that signature-based protection solutions are no longer effective in providing cyber protection against an increasingly sophisticated threat.

Whilst IT directors are positive that ChatGPT will enhance cybersecurity for businesses, the survey also revealed that 95 per cent believe governments have a responsibility to regulate advanced technologies. However, at present, there is an optimistic consensus that technology and research professionals will gain more than cyber criminals from the capabilities of ChatGPT.

“It’s been well documented that people with malicious intent are testing the waters but, over the course of this year, we expect to see hackers get a much better handle on how to use ChatGPT successfully for nefarious purposes; whether as a tool to write better mutable malware or as an enabler to bolster their ‘skillset.’ Both cyber pros and hackers will continue to look into how they can utilize it best. Time will tell who’s more effective,” concludes Singh.