BLOG

Will ChatGPT Change Cybersecurity?

The leading question around the Cybersecurity community has been, "Will ChatGPT and OpenAI change Cybersecurity?"

It's a great question, as those technologies are far more advanced than most of us expected them to be at this point in time. The answer is, "We aren't entirely sure, but we have an idea."

Even asking ChatGPT for the answer is met with some ambiguity.

"It is possible that ChatGPT or similar language models may be used in the field of cybersecurity in the future. For example, they could potentially be used to generate more realistic and diverse phishing or malware attacks, or to assist in analyzing large volumes of text-based data such as logs or email communications. However, it's important to note that these models are not inherently malicious and their use in cybersecurity would depend on how they are implemented and controlled by organizations."
Anyone that has spent time around machine learning or data modeling will agree that all data used to build those models is historical, because that's how data works. You can't collect it until it has happened. This understanding helps frame up the possibilities around the potential of ChatGPT and OpenAI.

Created predictions aren't binary, meaning a "yes" or a "no", but made in "varying degrees of confidence".

So, knowing that it can't do all of the things, let's look at some of the things that it can, and often, won't do.

Offensive Capabilities

  • Phishing - It will not automatically write a phishing email. Protections are in place to dissuade the use of the platform for malicious uses. Yes, some protections can be bypassed, but as new tactics are attempted, new protections are put in place.
  • Social Engineering - ChatGPT will create content that could be used in a social engineering campaign, but the effectiveness of that content still comes down to the creativity of the threat actor. It will not fully automate a social engineering campaign.
  • Malware Generation - ChatGPT will happily write an Ansible playbook or other remote management program that can be used in Malware. However, it will not create new vulnerabilities and requests to do so respond with how to defend a system against a particular class of vulnerabilities.
Defensive Capabilities

Also, it can build defenses.

  • Zeek Behavioral Detections - ChatGPT can create detections for malicious events that could occur on networks, such as this detection for beaconing. Beaconing is a common indicator of a successful ransomware event.
  • Windows Event Log Detections - ChatGPT will create detections that will search the Security event log for events that correlate with specific event IDs, then filters the events that occurred in the past day and checks if any events match the criteria. If any events are found, it will output a warning message and display the matching events. Otherwise, it will output a message saying that no suspicious activity was detected.
  • Email Phishing and Ransomware Detections - ChatGPT will build a detection looks for specific keywords in the subject, sender, and body of an email. If the email contains "urgent", "bank", "click here", "password", and "account" in those fields, it will trigger the detection and print a message indicating that a phishing email has been detected.


As we continue the conversation around ChatGPT and the potential impacts it might have, let's not lose focus on the positives of this incredible innovation. As shown above, ChatGPT currently provides more positive impact than negative.

MORE FROM THE BLOG

Leargas Security's Take on the LockBit Ransomware Disruption: Patrick Kelley's Insights with Josh Breslow of Fox News

Leargas Security's Take on the LockBit Ransomware Disruption: Patrick Kelley's Insights with Josh Breslow of Fox News

In a compelling interview with Josh Breslow of Fox News, Patrick Kelley, the founder of Léargas Security, delved into the…

Navigating the Dark Waters: The Fulton County Hack and the Role of Cybersecurity Experts

Navigating the Dark Waters: The Fulton County Hack and the Role of Cybersecurity Experts

In the ever-evolving landscape of cybersecurity, a recent incident involving Fulton County’s government data breach sheds light on the complexities…

Leargas Security's Patrick Kelley to Mentor and Present in the Exclusive NRECA Cooperative IT Mentoring Program

Leargas Security's Patrick Kelley to Mentor and Present in the Exclusive NRECA Cooperative IT Mentoring Program

We at Leargas Security are thrilled to announce an exciting development in our own Patrick Kelley’s journey with the NRECA…

Join Patrick Kelley at the 'Leading Minds of Cyber' Conference: A Must-Attend Event for Board Directors

Join Patrick Kelley at the 'Leading Minds of Cyber' Conference: A Must-Attend Event for Board Directors

The digital landscape is evolving rapidly, and with it, the importance of cybersecurity can’t be overstated. That’s why we are…

SCHEDULE YOUR LÉARGAS XDR DEMO NOW

Take a proactive stance in safeguarding your digital assets.

SOLUTIONS FOR ANY SECTOR

Tailored Security Excellence for EMCs, Enterprises, Government, and MSSPs

Whether you're an Enterprise seeking fortified defenses, a Government entity safeguarding national interests, an EMC with vital assets to protect, or an MSSP looking to empower clients with cutting-edge security, Léargas has crafted specialized solutions for you.

© Copyright Léargas Security.  All Rights Reserved.