MS-ISAC, in coordination with the Elections Infrastructure ISAC (EI-ISAC), recently released a cyber threat intelligence (CTI) report titled: An Examination of How Cyber Threat Actors Can Leverage Generative AI Platforms. The report covers the testing conducted by the Center for Internet Security’s (CIS) Cyber Threat Intelligence team to understand how threat actors can leverage GenAI platforms, circumvent usage policies, and generate elections-focused phishing emails. It digs deep into threat actor methodologies, three GenAI platforms – ChatGPT, Gemini, and CoPilot – and covers threat actor use of voice cloning and deep fakes.

Key Findings from the Report Include:

• Threat actors can circumvent GenAI platform usage policies and are highly likely to continuously test and develop methods to leverage them for malicious purposes. While individual results vary between platforms, with some providing higher quality content than others, the output represents a starting point that CTAs can modify and incorporate into their campaigns.
• Attackers are likely to use these platforms to enhance existing methods of attack rather than deploy new and novel attacks. This includes developing content for phishing campaigns and audio/visual content for malign influence operations.
• Threat actors using GenAI for voice cloning and deepfakes will likely pose a unique challenge as GenAI improves and detection methods remain limited.

While the role GenAI will play in cybersecurity remains fluid, understanding how threat actors can leverage these platforms is essential for improving defensive capabilities. Members are encouraged to review the report as it assesses the ease at which attackers can leverage AI technology for adversarial purposes.

Access the full report below: