Security experts found what they think is the first time an AI carried out a cyber attack all by itself. The complete automated campaign used an AI to carry out a ransomware attack. Victims have to pay money to get their data back.
A team from the cloud security company Sysdig said that an AI attacker dubbed ” Jadepuffer ” got into a weak server, found passwords and login details, and then locked a production database while asking for a bitcoin ransom.
“Ransomware has had a human at the keyboard, or at least a human writing its script, since it was first established as a category of threat,” Michael Clark, director of threat research at Sysdig, wrote in a blog post”.
“The Sysdig Threat Research Team (TRT) has captured what we assess to be the first documented case of agentic ransomware: a complete extortion operation driven end-to-end by a large language model (LLM).”
Immediately after gaining access to Langflow, an open source tool for building AI applications, the LLM began looking for credentials “with explicit coverage of Chinese providers” like Alibaba, Tencent and Huawei.
The self-driving system could change its tactics right away, working faster than the best human operators. “The most striking characteristic, however, was the LLM’s behaviour,” Mr Clark said.
“The operation adapted in real time, retrying failed steps within refined parameters. In one sequence, it went from a failed login to a working fix in 31 seconds.”
Even if the victim paid the ransom, they still couldn’t get back the stolen data because the AI had already deleted it and didn’t make any backups.
The results need yet to be verified by others, but the event shows a rising danger that AI systems create as they get better at doing complicated cyber attacks without human control.
The Five Eyes security group gave a rare warning last month that AI could cause big havoc for businesses and governments in just a few months.
“Frontier AI models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities,” the warning stated. “A whole-of-organization and whole-of-society response is required.”
InfoSecBulletin Cybersecurity for mankind
