Source URL: https://www.schneier.com/blog/archives/2025/06/report-on-the-malicious-uses-of-ai.html
Source: Schneier on Security
Title: Report on the Malicious Uses of AI
Feedly Summary: OpenAI just published its annual report on malicious uses of AI.
By using AI as a force multiplier for our expert investigative teams, in the three months since our last report we’ve been able to detect, disrupt and expose abusive activity including social engineering, cyber espionage, deceptive employment schemes, covert influence operations and scams.
These operations originated in many parts of the world, acted in many different ways, and focused on many different targets. A significant number appeared to originate in China: Four of the 10 cases in this report, spanning social engineering, covert influence operations and cyber threats, likely had a Chinese origin. But we’ve disrupted abuses from many other countries too: this report includes case studies of a likely task scam from Cambodia, comment spamming apparently from the Philippines, covert influence attempts potentially linked with Russia and Iran, and deceptive employment schemes…
AI Summary and Description: Yes
Summary: OpenAI’s annual report highlights the growing malicious uses of AI, showcasing how AI has been leveraged for various forms of cyber crime, including social engineering and covert influence operations. The report underscores the challenges posed by AI-driven threats, especially with an expected shift toward local AI model execution by threat actors.
Detailed Description: OpenAI’s latest report sheds light on the evolving landscape of malicious AI use, emphasizing the important role that advanced AI technologies play in the hands of cybercriminals. The findings in this report reveal several critical trends and insights relevant to security and compliance professionals:
– **Malicious Use Cases**: The report documents various forms of abusive activities perpetrated using AI, including:
– Social engineering attacks
– Cyber espionage
– Covert influence operations
– Deceptive employment schemes
– Scams
– **Global Threat Landscape**: The report indicates the international nature of these threats, specifying that a significant number of attacks appeared to originate from China, emphasizing both the regional and globalized aspects of cyber threats:
– Four out of ten highlighted cases linked to Chinese origins.
– Other noted countries include:
– Cambodia (task scams)
– Philippines (comment spamming)
– Russia and Iran (covert influence attempts)
– **AI as an Investigative Tool**: OpenAI’s ability to utilize AI for detecting and disrupting these threats is emphasized, showcasing how AI can serve as a force multiplier for investigative efforts.
– **Future Implications**: The report raises alarms regarding the anticipated evolution of AI capabilities among malicious actors, particularly:
– The expectation that threat actors will begin to run AI models locally, reducing the ability of entities like OpenAI to monitor and mitigate these abuses effectively.
– The implication of diminished visibility in tracking malicious uses of AI as it becomes more prevalent and sophisticated.
This analysis serves as a wake-up call for security professionals, highlighting the urgent need for proactive measures in countering malicious AI usage and strengthening cybersecurity defenses against an increasingly sophisticated adversary landscape. The evolving threat posed by AI demands continuous attention and adaptive strategies in cybersecurity frameworks.