BLOG

Will ChatGPT Change Cybersecurity?

The leading question around the Cybersecurity community has been, "Will ChatGPT and OpenAI change Cybersecurity?"

It's a great question, as those technologies are far more advanced than most of us expected them to be at this point in time. The answer is, "We aren't entirely sure, but we have an idea."

Even asking ChatGPT for the answer is met with some ambiguity.

"It is possible that ChatGPT or similar language models may be used in the field of cybersecurity in the future. For example, they could potentially be used to generate more realistic and diverse phishing or malware attacks, or to assist in analyzing large volumes of text-based data such as logs or email communications. However, it's important to note that these models are not inherently malicious and their use in cybersecurity would depend on how they are implemented and controlled by organizations."
Anyone that has spent time around machine learning or data modeling will agree that all data used to build those models is historical, because that's how data works. You can't collect it until it has happened. This understanding helps frame up the possibilities around the potential of ChatGPT and OpenAI.

Created predictions aren't binary, meaning a "yes" or a "no", but made in "varying degrees of confidence".

So, knowing that it can't do all of the things, let's look at some of the things that it can, and often, won't do.

Offensive Capabilities

  • Phishing - It will not automatically write a phishing email. Protections are in place to dissuade the use of the platform for malicious uses. Yes, some protections can be bypassed, but as new tactics are attempted, new protections are put in place.
  • Social Engineering - ChatGPT will create content that could be used in a social engineering campaign, but the effectiveness of that content still comes down to the creativity of the threat actor. It will not fully automate a social engineering campaign.
  • Malware Generation - ChatGPT will happily write an Ansible playbook or other remote management program that can be used in Malware. However, it will not create new vulnerabilities and requests to do so respond with how to defend a system against a particular class of vulnerabilities.
Defensive Capabilities

Also, it can build defenses.

  • Zeek Behavioral Detections - ChatGPT can create detections for malicious events that could occur on networks, such as this detection for beaconing. Beaconing is a common indicator of a successful ransomware event.
  • Windows Event Log Detections - ChatGPT will create detections that will search the Security event log for events that correlate with specific event IDs, then filters the events that occurred in the past day and checks if any events match the criteria. If any events are found, it will output a warning message and display the matching events. Otherwise, it will output a message saying that no suspicious activity was detected.
  • Email Phishing and Ransomware Detections - ChatGPT will build a detection looks for specific keywords in the subject, sender, and body of an email. If the email contains "urgent", "bank", "click here", "password", and "account" in those fields, it will trigger the detection and print a message indicating that a phishing email has been detected.


As we continue the conversation around ChatGPT and the potential impacts it might have, let's not lose focus on the positives of this incredible innovation. As shown above, ChatGPT currently provides more positive impact than negative.

MORE FROM THE BLOG

Strengthening ICS/SCADA Security with Leargas Security’s Comprehensive Platform

Strengthening ICS/SCADA Security with Leargas Security’s Comprehensive Platform

Strengthening ICS/SCADA Security with Leargas Security’s Comprehensive Platform Ensuring the security of industrial control systems (ICS) and supervisory control and…

Patrick Kelley to Present at NRECA Co-Op Cyber Tech Conference

Patrick Kelley to Present at NRECA Co-Op Cyber Tech Conference

We are excited to announce that our very own Patrick Kelley, co-founder of Léargas Security, will be presenting at the…

Announcing Our New Promo Video Reel: Showcasing Léargas's Comprehensive Security Solutions

Announcing Our New Promo Video Reel: Showcasing Léargas's Comprehensive Security Solutions

We are thrilled to unveil our latest promotional video reel, designed to highlight the powerful and versatile capabilities of the…

Empowering Cybersecurity: A Special Workshop by Patrick Kelley at E-ISAC’s CRISP

Empowering Cybersecurity: A Special Workshop by Patrick Kelley at E-ISAC’s CRISP

Empowering Cybersecurity: A Special Workshop by Patrick Kelley at E-ISAC’s CRISP   We are thrilled to announce that our founder,…

SCHEDULE YOUR LÉARGAS XDR DEMO NOW

Take a proactive stance in safeguarding your digital assets.

SOLUTIONS FOR ANY SECTOR

Tailored Security Excellence for EMCs, Enterprises, Government, and MSSPs

Whether you're an Enterprise seeking fortified defenses, a Government entity safeguarding national interests, an EMC with vital assets to protect, or an MSSP looking to empower clients with cutting-edge security, Léargas has crafted specialized solutions for you.

© Copyright Léargas Security.  All Rights Reserved.