Thomas Roccia 

🎁 GenAI x Sec Advent #10

Sora, the video generator, has just been released, so I think this is a good opportunity to discuss about influence operations through the usage of Generative AI!

☠️ We’ve already seen threat actors leveraging GenAI for misinformation that fuels disinformation campaigns, erodes trust, and amplifies societal divides. Some recent examples such as Russian Threat Actor Storm-1679 spreading misinformation powered by GenAI during the Olympic Games in Paris (https://blogs.microsoft.com/on-the-issues/2024/06/02/russia-cyber-bots-disinformation-2024-paris-olympics/) or the Iranian Threat Actor Storm-2035 influencing the US election using AI-enabled services to plagiarize content (https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/final/en-us/microsoft-brand/documents/5bc57431-a7a9-49ad-944d-b93b7d35d0fc.pdf).

In the paper "Generative AI Misuse: A Taxonomy of Tactics and Insights from Real-World Data", ten distinct tactics have been identified: 👇

1️⃣ Impersonation: Assume the identity of a real person to act on their behalf.
2️⃣ Appropriated Likeness: Use or alter a person's likeness or identifying features.
3️⃣ Sockpuppeting: Create synthetic online personas or accounts.
4️⃣ NCII: Generate non-consensual intimate imagery using someone's likeness.
5️⃣ CSAM: Create child sexually explicit material
6️⃣ Falsification: Fabricate or falsely represent evidence, reports, or documents.
7️⃣ IP Infringement: Use someone’s intellectual property without permission.
8️⃣ Counterfeit: Reproduce or imitate original work, brand, or style to pass as real.
9️⃣ Scaling & Amplification: Automate, amplify, or scale workflows.
🔟 Targeting: Refine outputs to craft highly tailored attacks.

These tactics are not new, but GenAI lowers the barriers, it makes them easier, faster, and more scalable than ever.

I think the implications are beyond democracy, freedom, and security. They challenge trust in information, fuel economic harm through scams and counterfeits, intensify social polarization, and even threaten psychological well-being.

What do you think? Are we facing another turning point where technology redefines trust and societal norms? 🤔

Also are we really running in a simulation? 😁 (The video has been generated with Sora) #Genai #Cybersecurity #influenceOperation

How Russia is trying to disrupt the 2024 Paris Olympic Games - Microsoft On the Issues

Russia is ramping up malign disinformation campaigns against France and this summer’s Olympic Games in Paris. While Russia has a decades-long history of targeting the Olympic Games, the Microsoft Threat Analysis Center has observed old tactics blending with AI in malign activity that may intensify as the 2024 Paris Opening Ceremony approaches.

Microsoft On the Issues
Dec 10, 2024 at 1:57amWeb
Show threadThomas Roccia Dec 10, 2024
If you want to have a look to the paper I am talking about it is available here 👇
https://arxiv.org/abs/2406.13843
Generative AI Misuse: A Taxonomy of Tactics and Insights from Real-World Data

Generative, multimodal artificial intelligence (GenAI) offers transformative potential across industries, but its misuse poses significant risks. Prior research has shed light on the potential of advanced AI systems to be exploited for malicious purposes. However, we still lack a concrete understanding of how GenAI models are specifically exploited or abused in practice, including the tactics employed to inflict harm. In this paper, we present a taxonomy of GenAI misuse tactics, informed by existing academic literature and a qualitative analysis of approximately 200 observed incidents of misuse reported between January 2023 and March 2024. Through this analysis, we illuminate key and novel patterns in misuse during this time period, including potential motivations, strategies, and how attackers leverage and abuse system capabilities across modalities (e.g. image, text, audio, video) in the wild.

arXiv.org
Show threadGyle_dCDec 11, 2024
@fr0gger Merci for sharing!