The Rise of State-Sponsored AI Cyber Threats

Maryan Duritan
Maryan Duritan
IT Writer
Last updated: May 15, 2024
Why Trust Us
Our editorial policy emphasizes accuracy, relevance, and impartiality, with content crafted by experts and rigorously reviewed by seasoned editors for top-notch reporting and publishing standards.
Purchases via our affiliate links may earn us a commission at no extra cost to you, and by using this site, you agree to our terms and privacy policy.

In the evolving landscape of cybersecurity, Microsoft and OpenAI have highlighted the escalating involvement of artificial intelligence (AI) by state-sponsored cyber threat groups from Russia, China, North Korea, and Iran. These adversaries are increasingly exploiting large language models (LLMs) like ChatGPT, leveraging artificial intelligence to enhance their cyber-espionage and sabotage operations. The strategic use of AI technologies by these groups underscores the growing complexity of global digital security challenges, highlighting the need for advanced defenses.

To combat these AI-enabled threats, OpenAI and Microsoft have joined forces, dedicating resources to identify and counteract the maneuvers of these state-backed entities. Their collaboration focuses on neutralizing attempts to misuse AI technologies, including large language models, and integrating countermeasures into the broader cybersecurity ecosystem. Microsoft’s effort to categorize adversary tactics within the MITRE ATT&CK framework is a critical endeavor towards developing a comprehensive defense against the misuse of artificial intelligence in cyberattacks.

This united front against the exploitation of AI and large language models by malicious state actors emphasizes the importance of collaboration in the digital age. As artificial intelligence continues to evolve, the commitment to preventing its abuse by cyber threat actors is crucial for ensuring the ethical use of AI and maintaining a secure digital world.


  • Microsoft and OpenAI spotlight cyber threats from Russia, China, North Korea, and Iran, utilizing large language models (LLMs) like ChatGPT for harmful operations.
  • Identified groups include China’s Charcoal Typhoon and Salmon Typhoon, Russia’s Forest Blizzard, North Korea’s Emerald Sleet, and Iran’s Crimson Sandstorm, engaging in activities like reconnaissance and malware development using LLMs.
  • Experts warn of the escalated challenge in cybersecurity with the advent of AI-powered state-backed cyber threats, stressing the urgent need for advanced countermeasures.

State Actors and Their Use of AI in Cyber Attacks

Microsoft’s investigations into the activities of nation-state threat actors reveal a concerning trend: the exploration of artificial intelligence (AI) for cyber warfare. While there have yet to be any successful AI-driven cyberattacks attributed to these groups, their actions suggest a keen interest in leveraging AI for malicious purposes. These activities range from conducting detailed reconnaissance and creating deceptive communications using AI’s language capabilities, to developing advanced malware and software scripts.

The focus on large language models (LLMs) like ChatGPT by these state-backed groups indicates a strategic approach to understanding and exploiting AI technologies for cyber espionage and attacks. This emerging battlefield highlights the urgent need for the cybersecurity community to adapt and respond to the weaponization of AI.

1. Forest Blizzard

Microsoft has identified Forest Blizzard, purportedly linked with Russia’s military intelligence, as utilizing AI to advance their intelligence and military objectives, with a keen focus on Ukraine. This group strategically employs large language models (LLMs) for a range of activities from scripting to detailed research on satellite and radar technologies critical to military engagements. Their work includes gathering intelligence and conducting advanced research to bolster cyber operations.

The utilization of LLMs by Forest Blizzard involves deep dives into satellite communication protocols and radar imaging technologies. Such activities indicate a concerted effort to acquire comprehensive knowledge of satellite capabilities, likely to enhance military operational effectiveness. Microsoft’s findings reveal a deliberate approach to understanding and potentially exploiting technological advancements for strategic advantages.

This exploration into the technical parameters of satellite and radar technologies by Forest Blizzard underscores a sophisticated attempt to integrate AI tools into the realm of cyber warfare and intelligence gathering. The group’s actions reflect a broader trend of state-affiliated actors leveraging AI to gain a competitive edge in both cyber and conventional military domains, highlighting the evolving landscape of security and intelligence operations in the digital age.

2. Emerald Sleet

Emerald Sleet, identified as a North Korean cyber group, has utilized large language models (LLMs) for intelligence gathering and spear-phishing attacks, targeting think tanks and experts on North Korea. By impersonating reputable academic institutions and NGOs, they aim to elicit sensitive information about foreign policies. Microsoft’s crackdown on accounts associated with Emerald Sleet reflects efforts to mitigate their impact, highlighting the group’s sophisticated use of AI for cyber espionage.

This group’s operations, associated with known entities like Kimsuky and Velvet Chollima, underline the strategic use of AI by North Korean operatives for advanced cyber warfare and intelligence collection. Their tactics emphasize the evolving threat landscape, necessitating enhanced cybersecurity measures to counter AI-powered cyber threats effectively.

3. Salmon Typhoon

Salmon Typhoon is accused of leveraging generative AI for a diverse array of activities, including the translation of technical documents, the acquisition of publicly accessible data on various intelligence agencies, and assistance with coding tasks. Their exploratory engagement with large language models (LLMs) throughout 2023 suggests a deliberate evaluation of AI’s efficacy in obtaining insights on potentially sensitive areas such as regional geopolitics, the influence of the US, and internal affairs.

This threat actor has demonstrated its capabilities through the deployment of malware, such as Win32/Wkysol, to maintain remote access to compromised systems, highlighting their sophisticated operational strategies. Microsoft’s analysis indicates that Salmon Typhoon’s adaptation of AI tools for cyber operations mirrors traditional cyber threat behaviors in a new technological context. In response to these activities, Microsoft has disabled all accounts and assets associated with Salmon Typhoon, aiming to mitigate the risks posed by AI-enabled cyber threats.

4. Charcoal Typhoon

Charcoal Typhoon, identified alongside Salmon Typhoon as two Chinese state-sponsored groups, is accused of exploiting AI models for malicious purposes. Known also as Aquatic Panda, Charcoal Typhoon has utilized ChatGPT to collect information on companies, craft texts for social engineering, debug code, and create scripts aimed at advancing their cyber operations.

Microsoft’s investigations reveal that Charcoal Typhoon has targeted a wide range of sectors, including government, higher education, communications infrastructure, oil and gas, and information technology. Their activities have largely been directed at entities in Taiwan, Thailand, Mongolia, Malaysia, France, and Nepal. However, their interest spans globally, especially towards institutions and individuals that stand in opposition to China’s policies.

The interaction of Charcoal Typhoon with large language models (LLMs) appears to be an exploration of how these technologies can enhance their technical capabilities. This exploration has involved using LLMs for tooling development, scripting, understanding cybersecurity tools, and creating content for social engineering purposes. In response to these findings, Microsoft has taken action by disabling all accounts and assets associated with Charcoal Typhoon, underscoring a commitment to preventing the misuse of AI technologies in cyber threats.

5. Crimson Sandstorm

Crimson Sandstorm, identified as an Iranian threat group affiliated with the Islamic Revolutionary Guard Corps is accused of leveraging generative AI technologies. This threat actor has notably used AI to craft sophisticated spear-phishing emails and develop scripts designed to slip past security measures undetected.

Microsoft’s observations highlight that Crimson Sandstorm’s interactions with AI have focused on enhancing their social engineering strategies, troubleshooting programming errors, developing in .NET, and finding ways to remain undetected on compromised systems. In response to these activities, Microsoft has taken proactive measures by shutting down accounts suspected of being linked to Crimson Sandstorm, thereby reinforcing efforts to curb the misuse of AI in cybersecurity threats.

Enhancing AI Security Frameworks with Detailed LLM-Themed TTPs

Microsoft’s collaborative efforts with MITRE have spotlighted a comprehensive array of tactics, techniques, and procedures (TTPs) that emphasize the multifaceted risks posed by the malicious use of large language models (LLMs). These TTPs offer a deep dive into the sophisticated methods employed by cyber threat actors, underscoring the necessity for a nuanced approach to AI security:

  • LLM-Informed Reconnaissance: This involves using LLMs to collect critical data on technology infrastructures and uncover potential security weaknesses, enabling targeted attacks.
  • LLM-Enhanced Scripting Techniques: Cyber attackers utilize LLMs to craft or improve scripts for cyber operations. This includes creating scripts for cyberattacks or basic tasks like identifying user events on a system, aiding in troubleshooting, and comprehending web technologies.
  • LLM-Aided Development: LLMs play a crucial role in the entire development process of malicious tools, including malware, by facilitating the creation, testing, and refinement of such tools.
  • LLM-Supported Social Engineering: LLMs are instrumental in improving communication strategies used in social engineering, assisting with language translation, and crafting messages designed to deceive or manipulate targets.
  • LLM-Assisted Vulnerability Research: Leveraging LLMs to identify and understand vulnerabilities within software and systems presents a significant risk for targeted exploits.
  • LLM-Optimized Payload Crafting: This involves using LLMs to design and fine-tune malicious payloads, enhancing the effectiveness and stealth of cyberattacks.
  • LLM-Enhanced Anomaly Detection Evasion: Cyber attackers are using LLMs to develop methods that make malicious activities appear as normal behavior, thus evading detection by security systems.
  • LLM-Directed Security Feature Bypass: This TTP focuses on exploiting LLMs to discover methods to circumvent security measures, including two-factor authentication and CAPTCHAs, potentially compromising secure access controls.
  • LLM-Advised Resource Development: In this context, LLMs contribute to the strategic planning and development of tools and resources for cyber operations, including tool modifications and the creation of new attack vectors.

These identified TTPs form the backbone of Microsoft’s initiative to integrate LLM-related security insights into the MITRE ATT&CK framework. By doing so, Microsoft aims to arm the security community with the knowledge and tools necessary to anticipate, recognize, and counteract AI-powered threats, fostering a safer digital environment.

AI Safety Concerns Intensify Amid Growing Threats

The promise of artificial intelligence (AI) is immense, yet recent developments highlight significant safety concerns. Joseph Thacker, a principal AI engineer and security researcher at AppOmni, expresses concern over the adeptness of cyber threat actors in using AI for malicious purposes. “Threat actors that are effective enough to be tracked by Microsoft are likely already proficient at writing software,” he remarks. Thacker points out that, although AI technologies present vulnerabilities that nefarious actors are keen to exploit, a truly novel form of attack has yet to emerge. Nonetheless, he cautions against underestimating the potential for such advancements to go unnoticed initially.

“If a threat actor found a novel attack use case, it could still be in stealth and not detected by these companies yet, so it’s not impossible. I have seen fully autonomous AI agents that can “hack” and find real vulnerabilities, so if any bad actors have developed something similar, that would be dangerous. And open source models like Mixtral [an LLM release by Mistral AI] are high quality and could be used at scale in novel ways.”

A significant issue with the current generation of large language models (LLMs) is their inability to deeply understand the content and context, leading to outputs that, while convincing, lack a foundation in truth, ethics, or safety considerations. Loris Degioanni, CTO and Founder at Sysdig, highlights this flaw, noting, “generative AI can take natural language prompts and convert them to system queries and go as far as generating very convincing natural language phishing emails.”

Efforts to bolster AI safety, such as the establishment of the United States AI Safety Institute and the UK’s AI Safety Institute, are steps in the right direction. However, Irina Tsukeerman, president of Scarab Rising, emphasizes that achieving true AI safety requires addressing a broader spectrum of challenges. “Complicated regulatory, governance, and private sector market landscape, exponential innovation growth, various geopolitical security crises, tech sector interests, and the vested interests of the tech sector and the ambitions of individual companies and leaders,” she explains, suggesting that the path to AI safety is complex and multifaceted.

Addressing AI-Driven Cybersecurity Challenges

Countering AI-driven cyber threats requires a shift towards fostering responsible AI innovation, according to Joseph Thacker. He argues for a change in focus towards ethical education within the tech industry, emphasizing that:

“The genie is out of the bottle when it comes to generative AI. No regulations or bans will put it back in. Instead, we must double down on instilling ethics in computer science education and broader technology culture. Initiatives like the Institute for Ethical AI and Machine Learning can nurture values-driven technologists.”

He also suggests that whistleblower policies and the establishment of watchdog groups are essential to mitigate the prioritization of profit over public welfare.

Irina Tsukerman supports Thacker’s view, advocating for a collaborative approach that includes a wide range of experts to develop comprehensive policies for AI usage. This collaborative effort aims to ensure that AI development is guided by ethical and security considerations.

Dane Sherrets, a Solutions Architect at HackerOne, acknowledges the inevitability of challenges in the realm of generative AI but stresses the importance of transparency and collaboration among AI developers. He points out the need for:

“Commitment to transparency for what they have built, how they have built it, how they have tested it, and results of that testing and commitment to coordination with other organizations building AI.”

Fred Kwong, the CISO at DeVry University, highlights the importance of integrating AI into cybersecurity defenses, focusing on key strategies such as enhancing the security infrastructure with AI and machine learning, emphasizing cybersecurity basics, and moving towards more secure authentication methods beyond passwords. These measures collectively represent a forward-thinking approach to safeguarding against AI-driven cybersecurity threats.


Artificial Intelligence (AI) is emerging as a critical battleground in the cybersecurity domain, with its importance extending beyond mere market competition to the core of defense strategies against evolving cyber threats. In this pivotal period, the need for focused leadership and international collaboration is paramount to steer AI development towards enhancing global digital safety.

Key industry players, including Microsoft, OpenAI, Google, and Anthropic, must join forces to address state-sponsored AI threats effectively. Such a coalition would send a powerful message about the tech industry’s unified commitment to prioritizing safety and ethical considerations in AI advancements. This collaborative approach is crucial for leveraging AI to bolster cybersecurity defenses while ensuring that technological progress serves the broader good of society, fostering a more secure and ethically responsible digital future.

Posted in :

Related terms

Related articles

About XPS's Editorial Process

XPS's editorial policy focuses on providing content that is meticulously researched, precise, and impartial. We adhere to rigorous sourcing guidelines, and every page is subject to an exhaustive review by our team of leading technology specialists and experienced editors. This method guarantees the integrity, pertinence, and utility of our content for our audience.

Maryan Duritan
Maryan Duritan
Maryan Duritan, a seasoned U.S.-based copywriter and SEO specialist, excels in making complex ideas accessible. She crafts compelling website content, blogs, articles, ebooks, press releases, and newsletters, tailoring tone and voice to match client goals and audience needs. Her creative precision transforms ideas into impactful content.

Why Trust Us

Our editorial policy emphasizes accuracy, relevance, and impartiality, with content crafted by experts and rigorously reviewed by seasoned editors for top-notch reporting and publishing standards.

Purchases via our affiliate links may earn us a commission at no extra cost to you, and by using this site, you agree to our terms and privacy policy.

Latest articles

Most popular

Latest articles

Popular categories

Artificial intelligence

Artificial Intelligence (AI) is a branch of computer science focused on creating systems that emulate human intelligence.


Cryptocurrency is a digital currency secured by cryptography and operates without a central authority.


Latest developments in technology, including new gadgets, software updates, industry trends, and breakthroughs in science and innovation.


Covers updates and developments in the video game industry, including new game releases, updates, reviews, and events.


Cybersecurity is protecting computer systems and data from digital attacks and unauthorized access.


Provides updates on financial markets, stock performances, economic trends, and investment strategies.


Updates on VPN technology, security features, service providers, privacy issues, and changes in regulations affecting VPN usage.


Networking connects computers and devices to share resources and information using hardware and software.