During the RSAC Conference, Google executives presented insights into how advanced persistent threat (APT) groups are utilizing artificial intelligence for cyber attacks. Sandra Joyce highlighted that attackers from several nations, including Iran and China, are using Google’s Gemini AI to aid in reconnaissance, script development, and phishing. Despite these uses, Joyce noted that attacks remain at a low complexity, and AI safety measures are preventing more sophisticated outcomes. The presentation underscored the evolving role of AI in cybersecurity, with the potential for AI to discover vulnerabilities as demonstrated by the Big Sleep vulnerability.
"We haven't yet seen indications of adversaries developing any fundamentally new attack vectors with these models," Joyce said.
"We believe that this is the first public example of an AI agent finding a previously unknown exploitable memory issue in widely used real world software," Joyce said.
Collection
[
|
...
]