DevSecOps Blueprint: from Vulnerability Management and Security-by-Design to Pipeline Integrity


DevSecOps Blueprint: from Vulnerability Management and Security-by-Design to Pipeline Integrity


How is ChatGPT changing the game for hackers

Can ChatGPT be used by hackers? This is a question I asked two top-of-the-game hackers on The Security Repo. Noah Tongate and Adriel Desautel explain the risks of ChatGPT and other AI systems as it relates to hacking now and in the future.

Video Transcript

um I want to switch up just a little bit going from talking about human side of things to the AI side of things and the emergence of AI uh here recently we've seen a lot about or heard a lot about chat GPT how are these things factoring in if they are at all uh have we seen anything on the horizon of how this is affecting the ransomware game yeah um honestly I think it's kind of an interesting question because there has been a lot of hype around platforms for these AI Platforms in general just kind of like jet chat GPT um but in my opinion I've played a little bit around with them and I've asked them hey can you can you write a malware that can encrypt a file or encrypt an entire directory or maybe even just Snippets to kind of piece together things and it does a half decent job but it's nowhere left near the level of sophistication essentially of what we'll see in these Advanced adversaries so I don't think I think really at least from the AI perspective something that we really have to worry about at least right now maybe in a few years when it gets a little bit more uh more perfected and more uh I guess down to a t then then it might be a little bit more of a concern but for now I think that we're not really too concerned with it with AI yeah I have to agree I think it doesn't have enough uh really high quality sample sets to learn from to be able to do anything mind-blowing but I agree I think in a few years the landscape might be very different yeah it's really interesting because it does run on the sample set so it would need to it would need to be able to have access to to to a lot of high quality malware to be able to reproduce it I I think probably you know but I what I think might it might do is lower the barrier to entry for someone wanting to do something malicious something simply malicious right you know so it might okay so chat DGP isn't going to be able to hack Google when you write a command into it but it may produce some malware something that you can send in an email you know to to do something to do something minor um which is which is interesting I don't know the whole AI the AI side of things is is scaring is scaring me I I spent I spent an hour running code the other day and kept getting an error and I plugged it into chat dtp and it was and it gave me a solution and I'll say oh oh God we're done for