Russia, China, Iran and North Korea have sharply increased their use of artificial intelligence to deceive people online and mount cyberattacks against the United States, according to new research from Microsoft.
This July, the company identified more than 200 instances of foreign adversaries using AI to create fake content online, more than double the number from July 2024 and more than ten times the number seen in 2023, The AP news reported.
The findings, published Thursday in Microsoft's annual digital threats report, show how foreign adversaries are adopting new and innovative tactics in their efforts to weaponize the internet as a tool for espionage and deception.
AI's potential said to be exploited by US foes America's adversaries, as well as criminal gangs and hacking companies, have exploited AI's potential, using it to automate and improve cyberattacks, to spread inflammatory disinformation and to penetrate sensitive systems. AI can translate poorly worded phishing emails into fluent English, for example, as well as generate digital clones of senior government officials.
Government cyber operations often aim to obtain classified information, undermine supply chains, disrupt critical public services or spread disinformation. Cyber criminals on the other hand work for profit by stealing corporate secrets or using ransomware to extort payments from their victims. These gangs are responsible for the wide majority of cyberattacks in the world and in some cases have built partnerships with countries like Russia.
Increasingly, these attackers are using AI to target governments, businesses and critical systems like hospitals and transportation networks, according to Amy Hogan-Burney, Microsoft's vice president for customer security and trust, who oversaw the report. Many US companies and organizations, meanwhile, are getting by with outdated cyber defenses, even as Americans expand their networks with new digital connections.
Companies, governments, organizations and individuals must take the threat seriously if they are to protect themselves amid escalating digital threats, she said.
“We see this as a pivotal moment where innovation is going so fast," Hogan-Burney said. "This is the year when you absolutely must invest in your cybersecurity basics,”
US is a popular target The US is the top target for cyberattacks, with criminals and foreign adversaries targeting companies, governments and organizations in the US more than any other country. Israel and Ukraine were the second and third most popular targets, showing how military conflicts involving those two nations have spilled over into the digital realm.
Russia, China and Iran have denied that they use cyber operations for espionage, disruption and disinformation. China, for instance, says the US is trying to “ smear ” Beijing while conducting its own cyberattacks.
North Korea has pioneered a scheme in which it uses AI personas to create American identities allowing them to apply for remote tech jobs. North Korea's authoritarian government pockets the salaries, while the hackers use their access to steal secrets or install malware.
It's the kind of digital threat that will face more American organizations in the years to come as sophisticated AI programs make it easier for bad actors to deceive, according to Nicole Jiang, CEO of Fable, a San Francisco-based security company that uses AI to sniff out fake employees. AI is not only a tool for hackers, but also a critical defense against digital attackers, Jiang said.
“Cyber is a cat-and-mouse game,” she said. “Access, data, information, money: That's what they're after.”
