Government-sponsored hackers are using Google’s Gemini AI to make their attacks more effective, according to a report by Google Threat Intelligence Group.
The report published on 29 January said that the abuse of generative AI by government threat actors is a real and present danger, not some future projections as some analysts say.
How state threat actors exploit Gemini
Gemini is Google’s AI model developed to improve the experience of Google’s customers using any service across the company’s platforms.
However, the report cited several instances in which government threat actors have exploited the AI model for hacking purposes.
The report said there are two ways that threat actors use Large Language Models (LLMs) like Gemini to enhance their activities.
The first is to generate code for malware or content for phishing emails, and the second is to instruct a model or AI agent to take malicious actions such as finding sensitive user data and exfiltrating.
The Iranian advanced persistent threat (APT) actors, for example, are said to use Gemini for research on defense organizations, vulnerability research, and creating content for campaigns.
Second are the Chinese APT actors which used Gemini to conduct reconnaissance, for scripting and development, to troubleshoot code, and to research how to obtain deeper access to target networks.
North Korean APT actors also among other things used Gemini to research topics of strategic interest to the North Korean government, such as the South Korean military and cryptocurrency.
These are just a few examples of instances where government-sponsored threat actors have exploited Gemini to their advantage, which raises a lot of concern.
A call for caution
To prevent any further damage caused through the exploitation of generative AI by threat actors, the report called on all stakeholders to maximize AI’s benefits and reduce the risk of abuse.
Meanwhile, Gemini has become a critical part of Google’s infrastructure. It has been applied in different services that Google offers, including Google Shopping, and in search results.
For the most part, the AI model is still being improved upon, but with the exploitation from threat actors, the battle ahead may become tougher as AI is becoming popular in every aspect of human endeavor.